Besoin d'aide trojan et my security engine

Fermé

Agamemnon - 30 avril 2010 à 11:45
Utilisateur anonyme - 1 mai 2010 à 03:02

Bonjour,

voila depuis hier mon navigateur ouvre des fenetres publicitaires intempestives et mon ordi me signale sans arret que je suis victime de trojan, trust warriors, BAT Looper, etc. lorsque je clique sur "remove" dans la fenetre d'affichage il me redirige sur une page me proposant d'acheter une protection antivirale. bref, une icone "my security engine" est apparue sur mon bureau et dans mes programmes et tout cela persiste peu importe la façon dont je tente de les supprimes.

le pc ne semble pas altéré outre mesure, ormis l'apparition de ces fenetres d'avertissement et de pub, par contre j'ai bien peur que l'on puisse détecter mes mots de passe et login, etc. J'ai réalisé un scan a laide d'antivir qui me signale bien la présence de divers Tr/spy.gen, Tr/crypt.zpack.gen, etc.

Mes faibles connaissances informatiques ne m'aident pas dans ce cas précis.
J'espere que quelqu'un pourra preter attention à ma demande et m expliquer comment erradiquer cette saleté. D'autant que ce pc n'est pas le mien et que je flippe sérieusement!

je vous remercie d'avance

J'ai réaliser un scan via avira antivir que voici:

Avira AntiVir Personal
Date de création du fichier de rapport : vendredi 30 avril 2010 10:57

La recherche porte sur 1265407 souches de virus.

Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : manage
Nom de l'ordinateur : ANNE

Informations de version :
BUILD.DAT : 9.0.0.74 21698 Bytes 4/12/2009 13:56:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 09:25:46
AVSCAN.DLL : 9.0.3.0 49409 Bytes 3/03/2009 08:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 09:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 3/03/2009 08:21:31
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 05:35:52
VBASE001.VDF : 7.10.0.1 2048 Bytes 6/11/2009 05:35:56
VBASE002.VDF : 7.10.0.2 2048 Bytes 6/11/2009 05:35:58
VBASE003.VDF : 7.10.0.3 2048 Bytes 6/11/2009 05:36:02
VBASE004.VDF : 7.10.0.4 2048 Bytes 6/11/2009 05:36:04
VBASE005.VDF : 7.10.0.5 2048 Bytes 6/11/2009 05:36:08
VBASE006.VDF : 7.10.0.6 2048 Bytes 6/11/2009 05:36:12
VBASE007.VDF : 7.10.0.7 2048 Bytes 6/11/2009 05:36:16
VBASE008.VDF : 7.10.0.8 2048 Bytes 6/11/2009 05:36:18
VBASE009.VDF : 7.10.0.9 2048 Bytes 6/11/2009 05:36:22
VBASE010.VDF : 7.10.0.10 2048 Bytes 6/11/2009 05:36:30
VBASE011.VDF : 7.10.0.11 2048 Bytes 6/11/2009 05:36:34
VBASE012.VDF : 7.10.0.12 2048 Bytes 6/11/2009 05:36:38
VBASE013.VDF : 7.10.0.13 2048 Bytes 6/11/2009 05:36:40
VBASE014.VDF : 7.10.0.14 2048 Bytes 6/11/2009 05:36:44
VBASE015.VDF : 7.10.0.15 2048 Bytes 6/11/2009 05:36:46
VBASE016.VDF : 7.10.0.16 2048 Bytes 6/11/2009 05:36:48
VBASE017.VDF : 7.10.0.17 2048 Bytes 6/11/2009 05:36:50
VBASE018.VDF : 7.10.0.18 2048 Bytes 6/11/2009 05:36:54
VBASE019.VDF : 7.10.0.19 2048 Bytes 6/11/2009 05:36:56
VBASE020.VDF : 7.10.0.20 2048 Bytes 6/11/2009 05:36:58
VBASE021.VDF : 7.10.0.21 2048 Bytes 6/11/2009 05:37:00
VBASE022.VDF : 7.10.0.22 2048 Bytes 6/11/2009 05:37:04
VBASE023.VDF : 7.10.0.23 2048 Bytes 6/11/2009 05:37:06
VBASE024.VDF : 7.10.0.24 2048 Bytes 6/11/2009 05:37:10
VBASE025.VDF : 7.10.0.25 2048 Bytes 6/11/2009 05:37:12
VBASE026.VDF : 7.10.0.26 2048 Bytes 6/11/2009 05:37:14
VBASE027.VDF : 7.10.0.27 2048 Bytes 6/11/2009 05:37:16
VBASE028.VDF : 7.10.0.28 2048 Bytes 6/11/2009 05:37:18
VBASE029.VDF : 7.10.0.29 2048 Bytes 6/11/2009 05:37:20
VBASE030.VDF : 7.10.0.30 2048 Bytes 6/11/2009 05:37:22
VBASE031.VDF : 7.10.0.33 2048 Bytes 6/11/2009 05:37:24
Version du moteur : 8.2.1.59
AEVDF.DLL : 8.1.1.2 106867 Bytes 8/11/2009 05:38:52
AESCRIPT.DLL : 8.1.2.43 528764 Bytes 8/11/2009 05:38:48
AESCN.DLL : 8.1.2.5 127346 Bytes 8/11/2009 05:38:46
AESBX.DLL : 8.1.1.1 246132 Bytes 8/11/2009 05:38:44
AERDL.DLL : 8.1.3.2 479604 Bytes 8/11/2009 05:38:42
AEPACK.DLL : 8.2.0.3 422261 Bytes 8/11/2009 05:38:40
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 8/11/2009 05:38:38
AEHEUR.DLL : 8.1.0.178 2093431 Bytes 8/11/2009 05:38:34
AEHELP.DLL : 8.1.7.0 237940 Bytes 8/11/2009 05:38:30
AEGEN.DLL : 8.1.1.71 364916 Bytes 8/11/2009 05:38:28
AEEMU.DLL : 8.1.1.0 393587 Bytes 8/11/2009 05:38:26
AECORE.DLL : 8.1.8.2 184694 Bytes 8/11/2009 05:38:24
AEBB.DLL : 8.1.0.3 53618 Bytes 8/11/2009 05:38:20
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 06:47:30
AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 13:13:31
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 12:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 7/11/2008 13:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 13:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 08:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 13:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 06:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 7/11/2008 13:40:59
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 17/06/2009 11:44:26
RCTEXT.DLL : 9.0.73.0 88321 Bytes 2/11/2009 14:58:32

Configuration pour la recherche actuelle :
Nom de la tâche...............................: ShlExt
Fichier de configuration......................: C:\DOCUME~1\manage\LOCALS~1\Temp\0a6962c0.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:,
Recherche dans les programmes actifs..........: arrêt
Recherche en cours sur l'enregistrement.......: arrêt
Recherche de Rootkits.........................: arrêt
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Sélection de fichiers intelligente
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen

Début de la recherche : vendredi 30 avril 2010 10:57

La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\'
C:\lsass.exe.vir
[RESULTAT] Contient le cheval de Troie TR/Spy.Gen
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\WINDOWS\system32\net.net.vir
[RESULTAT] Contient le cheval de Troie TR/Crypt.PEPM.Gen
C:\WINDOWS\system32\pkczxyx.dll
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\WINDOWS\system32\youja_.dll
[RESULTAT] Contient le cheval de Troie TR/Spy.Gen
C:\WINDOWS\system32\drivers\pcuzsrdo.sys
[RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen
C:\WINDOWS\system32\drivers\sptd.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\WINDOWS\system32\drivers\xoctfoyg.sys
[RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen
C:\WINDOWS\Temp\koiw.tmp\svchost.exe
[RESULTAT] Contient le cheval de Troie TR/Downloader.Gen

Début de la désinfection :
C:\lsass.exe.vir
[RESULTAT] Contient le cheval de Troie TR/Spy.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4c3ba16a.qua' !
C:\WINDOWS\system32\net.net.vir
[RESULTAT] Contient le cheval de Troie TR/Crypt.PEPM.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4c4ea15c.qua' !
C:\WINDOWS\system32\youja_.dll
[RESULTAT] Contient le cheval de Troie TR/Spy.Gen
[AVERTISSEMENT] Erreur lors de la création d'une copie de sécurité du fichier. Le fichier n'a pas été supprimé. Code d'erreur : 26003
[AVERTISSEMENT] Impossible de supprimer le fichier !
[REMARQUE] Tentative en cours d'exécuter l'action à l'aide de la bibliothèque ARK.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4d98fe27.qua' !
C:\WINDOWS\system32\drivers\pcuzsrdo.sys
[RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen
[AVERTISSEMENT] Erreur lors de la création d'une copie de sécurité du fichier. Le fichier n'a pas été supprimé. Code d'erreur : 26003
[AVERTISSEMENT] Impossible de supprimer le fichier !
[REMARQUE] Tentative en cours d'exécuter l'action à l'aide de la bibliothèque ARK.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4f0ae697.qua' !
C:\WINDOWS\system32\drivers\xoctfoyg.sys
[RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen
[AVERTISSEMENT] Erreur lors de la création d'une copie de sécurité du fichier. Le fichier n'a pas été supprimé. Code d'erreur : 26004
[AVERTISSEMENT] Impossible de trouver le fichier source.
[REMARQUE] Tentative en cours d'exécuter l'action à l'aide de la bibliothèque ARK.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4c3da16f.qua' !
C:\WINDOWS\Temp\koiw.tmp\svchost.exe
[RESULTAT] Contient le cheval de Troie TR/Downloader.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4c3da17a.qua' !

Fin de la recherche : vendredi 30 avril 2010 11:21
Temps nécessaire: 20:28 Minute(s)

La recherche a été effectuée intégralement

3720 Les répertoires ont été contrôlés
178973 Des fichiers ont été contrôlés
6 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
6 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
3 Impossible de contrôler des fichiers
178964 Fichiers non infectés
1752 Les archives ont été contrôlées
6 Avertissements
7 Consignes

A voir également:

Besoin d'aide trojan et my security engine
What is my movie français - Télécharger - Divers TV & Vidéo
Chat engine - Télécharger - Outils Internet
Zooking engine ✓ - Forum Huawei
Trojan remover - Télécharger - Antivirus & Antimalwares
Microsoft security essentials - Télécharger - Antivirus & Antimalwares

56 réponses

Réponse 1 / 56

Utilisateur anonyme
30 avril 2010 à 16:47

non tu es bien infectée lol

▶ Relance List_Kill'em(soit en clic droit pour vista/7),avec le raccourci sur ton bureau.
mais cette fois-ci :

▶ choisis l'Option Clean

ton PC va redemarrer,

laisse travailler l'outil.

en fin de scan la fenetre se ferme , et tu as un rapport du nom de Kill'em.txt sur ton bureau ,

▶ colle le contenu dans ta reponse

Réponse 2 / 56

Utilisateur anonyme
30 avril 2010 à 11:47

salut :

DESACTIVE TON ANTIVIRUS ET TON PAREFEU SI PRESENTS !!!!!(car il est detecté a tort comme infection)

▶ Télécharge List_Kill'em et enregistre le sur ton bureau

double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation

Laisse coché :

♦ Executer Shortcut
♦ Executer List_Kill'em

une fois terminée , clic sur "terminer" et le programme se lancera seul

choisis l'option Search

▶ laisse travailler l'outil

à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.

▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"

Réponse 3 / 56

Agamemnon
30 avril 2010 à 12:04

Un tout tout grand merci pour cette réponse très rapide!!

Je fais ça de suite et poste le résultat!

encore merci!!!

Réponse 4 / 56

Utilisateur anonyme
30 avril 2010 à 12:08

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 56

Agamemnon
30 avril 2010 à 14:07

voilà le scan effectué par list kill'em:

List'em by g3n-h@ckm@n 1.7.2.5

User : manage (Administrateurs)
Update on 29/04/2010 by g3n-h@ckm@n ::::: 21.00
Start at: 12:37:45 | 30/04/2010

Intel(R) Celeron(R) CPU E1400 @ 2.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack

3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : My Security Engine [ Enabled | Updated ]
FW : My Security Engine[ Enabled ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 39,06 Go (26,92 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque fixe local | 109,99 Go (109,78 Go free) [Disque local

] | NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque fixe local | 1397,27 Go (1319,23 Go free) [Elements]

| NTFS

Boot: Normal

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system\lsm.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application

Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.ex

e
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\List_Kill'em\pv.exe

======================
Keys "Run"
======================

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
MSMSGS REG_SZ "C:\Program Files\Messenger\msmsgs.exe"

/background
DAEMON Tools Lite REG_SZ "C:\Program Files\DAEMON

Tools Lite\daemon.exe" -autorun
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} REG_SZ

"C:\Program Files\Fichiers

communs\Ahead\Lib\NMBgMonitor.exe"
Le Petit Robert Hyperappel REG_SZ C:\Program Files\Le

Robert\Le Petit Robert\prhyper.exe
YVIBBBHA8C REG_SZ

C:\DOCUME~1\manage\LOCALS~1\Temp\Tsr.exe
My Security Engine REG_SZ "C:\Documents and

Settings\All Users\Application Data\ad265d0\MSad26.exe" /s /d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
IgfxTray REG_SZ C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds REG_SZ C:\WINDOWS\system32\hkcmd.exe
Persistence REG_SZ C:\WINDOWS\system32\igfxpers.exe
HDAudDeck REG_SZ C:\Program

Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
SunJavaUpdateSched REG_SZ "C:\Program

Files\Java\jre1.6.0_07\bin\jusched.exe"
NWEReboot REG_SZ
Adobe Reader Speed Launcher REG_SZ "C:\Program

Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunSe

rvices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOn

ce]

=====================
Other Keys
=====================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Polic

ies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)

===============

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Polici

es\explorer]
NoDriveTypeAutoRun REG_DWORD 145 (0x91)

===============

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Polic

ies\explorer]
HonorAutoRunSetting REG_DWORD 1 (0x1)

===============

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ

===============

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows

NT\CurrentVersion\Winlogon]
AutoRestartShell REG_DWORD 1 (0x1)
DefaultDomainName REG_SZ ANNE
DefaultUserName REG_SZ manage
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL

"sysdm.cpl"
SfcQuota REG_DWORD -1 (0xffffffff)
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0 (0x0)
passwordexpirywarning REG_DWORD 14 (0xe)
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 1 (0x1)
UIHost REG_EXPAND_SZ logonui.exe
LogonType REG_DWORD 1 (0x1)
Background REG_SZ 0 0 0
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0 (0x0)
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 1 (0x1)
ShowLogonOptions REG_DWORD 0 (0x0)
AltDefaultUserName REG_SZ manage
AltDefaultDomainName REG_SZ ANNE

===============

[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\igfxcui]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\WgaLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\wlballoon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows

nt\currentversion\winlogon\notify\youja_]

===============

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explo

rer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ

===============

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\

parameters\firewallpolicy\standardprofile\authorizedapplications\li

st]
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ

%windir%\Network

Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
%windir%\system32\sessmgr.exe REG_SZ

%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE REG_SZ

C:\Program Files\Microsoft

Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
C:\Program Files\eMule\emule.exe REG_SZ C:\Program

Files\eMule\emule.exe:*:Enabled:eMule
\ REG_SZ C:\WINDOWS\system\lsm.exe:*:Enabled:KL
C:\WINDOWS\TEMP\koiw.tmp\svchost.exe REG_SZ

C:\WINDOWS\TEMP\koiw.tmp\svchost.exe:*:Enabled:svchost
\??\C:\WINDOWS\system32\winlogon.exe REG_SZ

\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon
C:\Documents and Settings\All Users\Application

Data\ad265d0\MSad26.exe REG_SZ C:\Documents and

Settings\All Users\Application Data\ad265d0\MSad26.exe:*:Enabled:My

Security Engine

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\

parameters\firewallpolicy\domainprofile\authorizedapplications\list

]
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ

%windir%\Network

Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
%windir%\system32\sessmgr.exe REG_SZ

%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

===============
ActivX controls
===============

[HKEY_LOCAL_MACHINE\software\microsoft\code store

database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store

database\distribution units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store

database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]

===============
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\>{26923b43-4d38-484f-9b9e-de460746276c}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{283807B5-2C60-11D0-A31D-00AA00B92C03}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{3af36230-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{4278c270-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{45ea75a0-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{4f216970-c90c-11d1-b5c7-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{4f645220-306d-11d2-995d-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{5056b317-8d4c-43ee-8543-b9d1e234b8f4}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{630b1da0-b465-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{73fa19d0-2d75-11d2-995d-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{9381D8F2-0288-11D0-9501-00AA00B911A5}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{C9E9A340-D1F1-11D0-821E-444553540600}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{CC2A9BA0-3BDD-11D0-821E-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed

components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}]

==============

Réponse 6 / 56

Agamemnon
30 avril 2010 à 14:12

BHO :
======

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explo

rer\browser helper objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explo

rer\browser helper objects\{20C1A7F0-528E-444F-BAC5-5804A61CCA7F}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explo

rer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explo

rer\browser helper objects\{82ED2DA1-56ED-47A4-8D66-28B574A607A3}]

===
DNS
===

HKLM\SYSTEM\CCS\Services\Tcpip\..\{63CA3983-32CF-41C9-988E-857BBCA8

4F43}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{63CA3983-32CF-41C9-988E-857BBCA8

4F43}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{63CA3983-32CF-41C9-988E-857BBCA8

4F43}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters:

DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters:

DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters:

DhcpNameServer=192.168.1.1

================
Internet Explorer :
================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ

http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_C

LSID}&pver={SUB_PVER}&ar=home
Local Page REG_SZ C:\windows\system32\blank.htm
Default_Search_URL REG_SZ

http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL REG_SZ

http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search Page REG_SZ

http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ

http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Local Page REG_SZ C:\windows\system32\blank.htm
Search Page REG_SZ

http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

========
Services
========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3 ( OK = 3 )
EapHost : 0x3 ( OK = 2 )
SharedAccess : 0x2 ( OK = 2 )
wuauserv : 0x2 ( OK = 2 )

========
Safemode
========

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot : OK

!!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minima

l : OK !!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Networ

k : OK !!

=========
Atapi.sys
=========

C:\WINDOWS\system32\dllcache\atapi.sys :
MD5 :: [9f3a2f5aa6875c72bf062c712cfa2674]
SHA256 ::

[b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9]

C:\WINDOWS\system32\drivers\atapi.sys :
MD5 :: [9f3a2f5aa6875c72bf062c712cfa2674]
SHA256 ::

[b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9]

C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sy

s :
MD5 :: [9f3a2f5aa6875c72bf062c712cfa2674]
SHA256 ::

[b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9]

C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sy

s :
MD5 :: [9f3a2f5aa6875c72bf062c712cfa2674]
SHA256 ::

[b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9]

Référence :
==========

Win 2000_SP2 : ff953a8f08ca3f822127654375786bbe
Win 2000_SP4 : 8c718aa8c77041b3285d55a0ce980867
Win XP_32b : a64013e98426e1877cb653685c5c0009
Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 80C40F7FDFC376E4C5FEEC28B41C119E
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C
Windows 7_32b_Ultimate : 338c86357871c167a96ab976519bf59e

=======
Drive :
=======

D'fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software

International Inc.

Rapport d'analyse
39,06 Go total, 26,93 Go libre (68%), 10% fragment'

(fragmentation du fichier 20%)

Il ne vous est pas n'cessaire de d'fragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Files/folders :

Present !! : C:\Program Files\ezLife
Present !! : C:\Program Files\Mozilla

Firefox\Components\ffxShot.dll
Present !! : C:\Program Files\Mozilla

Firefox\components\nsFFxSHot.xpt
Present !! : C:\WINDOWS\SET1C.tmp
Present !! : C:\WINDOWS\SET1D.tmp
Present !! : C:\WINDOWS\SET1F.tmp
Present !! : C:\WINDOWS\SET20.tmp
Present !! : C:\WINDOWS\SET2B.tmp
Present !! : C:\WINDOWS\SET2C.tmp
Present !! : C:\WINDOWS\SET3.tmp
Present !! : C:\WINDOWS\SET4.tmp
Present !! : C:\WINDOWS\SET8.tmp
Present !! : C:\WINDOWS\System32\404Fix.exe
Present !! : C:\WINDOWS\System32\dumphive.exe"
Present !! : C:\WINDOWS\System32\IEDFix.exe
Present !! : C:\WINDOWS\System32\Process.exe
Present !! : C:\WINDOWS\System32\SrchSTS.exe
Present !! : C:\WINDOWS\System32\sshnas??.dll
Present !! : C:\WINDOWS\System32\tmp.reg"
Present !! : C:\WINDOWS\System32\VACFix.exe
Present !! : C:\WINDOWS\System32\VCCLSID.exe
Present !! : C:\WINDOWS\System32\WS2Fix.exe
Present !! :

C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
Present !! :

C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
Present !! : C:\Documents and Settings\manage\Local

Settings\Temp\a.dat
Present !! : C:\Documents and Settings\manage\LOCAL

Settings\Temp\a.dat
Present !! : C:\Documents and Settings\manage\LOCAL

Settings\Temp\Perflib_Perfdata_fc8.dat
Present !! : C:\Documents and Settings\manage\LOCAL

Settings\Temp\saqpggfo.dat
Present !! : C:\Documents and Settings\manage\Recent\ddv.dll
Present !! : C:\Documents and Settings\manage\Recent\eb.sys
Present !! : C:\Documents and Settings\manage\Recent\exec.tmp
Present !! : C:\Documents and Settings\manage\Recent\PE.tmp

Réponse 7 / 56

Agamemnon
30 avril 2010 à 14:13

¤¤¤¤¤¤¤¤¤¤ Keys :

Present !! :

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c
Present !! :

HKU\S-1-5-21-1220945662-1580818891-1801674531-1003\Software\Microso

ft\Windows\CurrentVersion\Run\yvibbbha8c
Present !! : HKCU\Software\Microsoft\Internet

Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Present !! : "HKCU\Software\Microsoft\Internet

Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\_avp32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\_avpcc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\_avpm.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\~1.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\~2.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\a.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\aAvgApi.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AAWTray.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\About.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ackwin32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\adaware.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\Ad-Aware.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\advxdwin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AdwarePrj.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\agent.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\agentsvr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\agentw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\alertsvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\alevir.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\alogserv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AlphaAV"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AlphaAV.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AluSchedulerSvc.exe"

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\amon9x.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\AntispywarXP2009.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\anti-trojan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\Anti-Virus

Professional.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\antivirus.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AntiVirus_Pro.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AntivirusPlus"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AntivirusPlus.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\AntivirusPro_2010.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AntivirusXP"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AntivirusXP.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\antivirusxppro2009.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ants.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\apimonitor.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\aplica32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\apvxdwin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\arr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\Arrakis3.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashAvast.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashBug.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashChest.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashCnsnt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\ashDisp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashLogV.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashMaiSv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashPopWz.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashQuick.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\ashServ.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashSimp2.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashSimpl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashSkPcc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashSkPck.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\ashUpd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ashWebSv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\aswChLic.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\aswRegSvr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\aswRunDll.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\atcon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\atguard.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\atro55en.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\atupdater.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\atwatch.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\au.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\aupdate.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\auto-protect.nav80try.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\autodown.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\autotrace.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\autoupdate.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\av360.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avadmin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AVCare.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avcenter.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avciman.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avconfig.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avconsol.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ave32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AVENGINE.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgcc32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgchk.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgcmgr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgcsrvx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgctrl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgdumpx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgemc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgiproxy.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgnsx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgnt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgrsx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgscanx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgserv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgserv9.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgsrmax.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgtray.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgui.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgupd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avgwdsvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avkpop.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avkserv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avkservice.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avkwctl9.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avltmain.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avmailc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avmcdlg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avnotify.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avnt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avp32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avpcc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avpdos32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avpm.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avptc32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avpupd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avsched32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avsynmgr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avupgsvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\AVWEBGRD.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avwin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avwin95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avwinnt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avwsc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avwupd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avwupd32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avwupsrv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avxmonitor9x.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avxmonitornt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\avxquar.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\b.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\backweb.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bargains.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bd_professional.exe"

Réponse 8 / 56

Agamemnon
30 avril 2010 à 14:23

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bdagent.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bdfvcl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bdfvwiz.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\BDInProcPatch.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bdmcon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\BDMsnScan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bdreinit.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bdsubwiz.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\BDSurvey.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bdwizreg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\beagle.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\belt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bidef.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bidserver.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bipcp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bipcpevalsetup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bisp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\blackd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\blackice.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\blink.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\blss.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bootconf.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bootwarn.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\borg2.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bpc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\brasil.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\brastk.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\brw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bs120.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bspatch.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bundle.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\bvt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\c.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cavscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ccapp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ccevtmgr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ccpxysvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ccSvcHst.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cdp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cfd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cfgwiz.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cfiadmin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cfiaudit.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cfinet.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cfinet32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\cfp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cfpconfg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cfplogvw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\cfpupdat.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\Cl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\claw95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\claw95cf.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\clean.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cleaner.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cleaner3.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cleanIELow.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cleanpc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\click.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cmd32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\cmdAgent.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cmesys.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cmgrdian.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cmon016.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\connectionmonitor.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\control"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cpd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cpf9x206.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cpfnt206.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\crashrep.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\csc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cssconfg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cssupdat.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cssurf.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ctrl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cwnb181.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\cwntdwmo.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\d.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\datemanager.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\dcomx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\defalert.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\defscangui.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\defwatch.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\deloeminfs.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\deputy.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\divx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\dllcache.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\dllreg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\doors.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\dop.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\dpf.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\dpfsetup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\dpps2.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\driverctrl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\drwatson.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\DRWEB32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\drwebupw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\dssagent.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\dvp95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\dvp95_0.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ecengine.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\efpeadm.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\egui.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ekrn.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\emsw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ent.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\esafe.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\escanhnt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\escanv95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\espwatch.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ethereal.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\etrustcipe.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\evpn.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\exantivirus-cnet.exe"

Réponse 9 / 56

Agamemnon
30 avril 2010 à 14:24

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\exe.avxw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\expert.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\explore.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fact.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fprot.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\FAMEH32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fast.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fch32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fih32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\findviru.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\firewall.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fixcfg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fixfp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fnrb32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fprot.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fp-win.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fp-win_trial.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\frmwrk32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\frw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fsaa.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fsav.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\FSAV32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fsav530stbyb.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fsav530wtbyb.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fsav95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fsgk32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fsm32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\FSMA32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\fsmb32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\gator.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\gav.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\gbmenu.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\gbn976rl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\gbpoll.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\generics.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\gmt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\guard.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\guarddog.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\guardgui.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\hacktracersetup.exe"

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\hbinst.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\hbsrv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\History.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\homeav2010.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\hotactio.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\hotpatch.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\htlog.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\htpatch.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\hwpe.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\hxdl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\hxiul.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\iamapp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\iamserv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\iamstats.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ibmasn.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ibmavsp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\icload95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\icloadnt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\icmon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\icsupp95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\icsuppnt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\Identity.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\idle.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\iedll.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\iedriver.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\IEShow.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\iface.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ifw2000.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\inetlnfo.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\infus.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\infwin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\init.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\Install.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\intdel.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\intren.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\iomon98.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\istsvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\jammer.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\jdbgmrg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\jedi.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\JsRcGen.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\kavlite40eng.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\kavpers40eng.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\kavpf.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\kazza.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\keenvalue.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\kerio-pf-213-en-win.exe"

Réponse 10 / 56

Agamemnon
30 avril 2010 à 14:25

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\kerio-wrl-421-en-win.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\killprocesssetup161.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\launcher.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ldnetmon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ldpro.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ldpromenu.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ldscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\licmgr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\livesrv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\lnetinfo.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\loader.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\localnet.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\lockdown.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\lockdown2000.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\lookout.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\lordpe.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\lsetup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\luall.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\luau.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\lucomserver.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\luinit.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\luspt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\MalwareRemoval.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mapisvc32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcagent.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcmnhdlr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcmscsvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcnasvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcproxy.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\McSACore.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcshell.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcshield.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcsysmon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mctool.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcupdate.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcvsrte.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mcvsshld.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\md.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mfin32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mfw2en.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mfweng3.02d30.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mgavrtcl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mgavrte.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mghtml.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mgui.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\minilog.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mmod.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\monitor.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\moolive.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mostat.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mpfagent.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mpfservice.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\MPFSrv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mpftray.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mrflux.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msa.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msapp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\MSASCui.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msbb.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msblast.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mscache.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msccn32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mscman.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msconfig"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msdm.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msdos.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msiexec16.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mslaugh.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msmgt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msmsgri32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mssmmc32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mssys.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\msvxd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mu0311ad.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\mwatch.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\n32scanw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nav.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\navap.navapsvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\navapsvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\navapw32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\navdx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\navlu32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\navnt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\NAVSTUB.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\navw32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\navwnt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nc2000.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ncinst4.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ndd32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\neomonitor.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\neowatchlog.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\netarmor.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\netd32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\netinfo.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\netmon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\netscanpro.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\netspyhunter-1.2.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\netutils.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nisserv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nisum.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nmain.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nod32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\normist.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\norton_internet_secu_3.0_407.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\notstart.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\npf40_tw_98_nt_me_2k.exe"

Réponse 11 / 56

Agamemnon
30 avril 2010 à 14:26

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\npfmessenger.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nprotect.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\npscheck.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\npssvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nsched32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nssys32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nstask32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nsupdate.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ntrtscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ntvdm.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ntxconfig.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nui.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nupgrade.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nvarch16.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nvc95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nvsvc32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nwinst4.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nwservice.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\nwtool16.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\OAcat.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\OAhlp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\OAReg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\oasrv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\oaui.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\oaview.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ODSW.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ollydbg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\onsrvr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\optimize.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ostronet.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\otfix.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\outpost.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\outpostinstall.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\outpostproinstall.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ozn695m5.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\padmin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\panixk.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\patch.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pav.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pavcl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\PavFnSvr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pavproxy.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pavprsrv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pavsched.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pavsrv51.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pavw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\PC_Antispyware2010.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pccwin98.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pcfwallicon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pcip10117_0.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pcscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pctsAuxs.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pctsGui.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pctsSvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pctsTray.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pdfndr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pdsetup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\PerAvir.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\periscope.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\persfw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\personalguard"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\personalguard.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\perswf.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pf2.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pfwadmin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pgmonitr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pingscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\platin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pop3trap.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\poproxy.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\popscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\portdetective.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\portmonitor.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\powerscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ppinupdt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pptbc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ppvstop.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\prizesurfer.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\prmt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\prmvr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\procdump.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\processmonitor.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\procexplorerv1.0.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\programauditor.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\proport.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\protector.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\protectx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\PSANCU.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\PSANHost.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\PSANToManager.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\PsCtrls.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\PsImSvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\PskSvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\pspf.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\PSUNMain.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\purge.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\qconsole.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\qh.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\qserver.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\Quick Heal.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\QuickHealCleaner.exe"

Réponse 12 / 56

Agamemnon
30 avril 2010 à 14:29

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rapapp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rav7.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rav7win.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rav8win32eng.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ray.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rb32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rcsync.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\realmon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\reged.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rescue.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rescue32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rrguard.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rscdwld.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rshell.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rtvscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rtvscn95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rulaunch.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rwg"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\rwg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\SafetyKeeper.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\safeweb.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sahagent.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\Save.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\SaveArmor.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\SaveDefense.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\SaveKeep.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\savenow.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sbserv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\scam32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\scan95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\scanpm.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\scrscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\seccenter.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\Secure Veteran.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\secureveteran.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\Security Center.exe"

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\SecurityFighter.exe"

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\securitysoldier.exe"

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\serv95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\setloadorder.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\Setup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\setup_flowprotector_us.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\setupvameeval.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sgssfw32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sh.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\shellspyinstall.exe"

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\shield.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\shn.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\showbehind.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\signcheck.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\smart.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\smartprotector.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\smc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\smrtdefp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sms.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\smss32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\snetcfg.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\soap.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sofi.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\SoftSafeness.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sperm.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\spf.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sphinx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\spoler.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\spoolcv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\spoolsv32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\spywarexpguard.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\spyxx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\srexe.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\srng.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ss3edit.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ssg_4104.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\ssgrate.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\st2.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\start.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\stcloader.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\supftrl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\support.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\supporter5.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\svc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\svchostc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\svchosts.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\svshost.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sweep95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\sweepnet.sweepsrv.sys.swnetsup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\symlcsvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\symproxysvc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\symtray.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\system.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\system32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\sysupd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tapinstall.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\taskmgr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\taumon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tbscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tca.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tcm.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tds2-98.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tds2-nt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tds-3.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\teekids.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tfak.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tfak5.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tgbob.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\titanin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\titaninxp.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\TPSrv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\trickler.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\trjscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\trjsetup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\trojantrap3.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\TrustWarrior.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tsadbot.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tsc.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tvmd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\tvtmd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\uiscan.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\undoboot.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\updat.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\upgrad.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\upgrepl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\utpost.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vbcmserv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vbcons.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vbust.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vbwin9x.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vbwinntw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vcsetup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vet32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vet95.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vettray.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vfsetup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vir-help.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\virusmdpersonalfirewall.exe"

Réponse 13 / 56

Agamemnon
30 avril 2010 à 14:34

Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\VisthAux.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\VisthLic.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\VisthUpd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vnlan300.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vnpc3000.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vpc32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vpc42.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vpfw30s.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vptray.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vscan40.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vscenu6.02d30.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vsched.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vsecomr.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vshwin32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vsisetup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vsmain.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vsmon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vsserv.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vsstat.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vswin9xe.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vswinntse.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\vswinperse.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\w32dsm89.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\W3asbas.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\w9x.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\watchdog.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\webdav.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\WebProxy.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\webscanx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\webtrap.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wfindv32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\whoswatchingme.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wimmun32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\win32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\win32us.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winactive.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winav.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\win-bugsfix.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\windll32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\window.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\windows Police

Pro.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\windows.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wininetd.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wininitx.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winlogin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winmain.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winppr32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winrecon.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winservn.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winssk32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winstart.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winstart001.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wintsk32.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\winupdate.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wkufind.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wnad.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wnt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wradmin.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wrctrl.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wsbgate.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wscfxas.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wscfxav.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wscfxfw.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wsctool.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wupdater.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\wupdt.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution

Options\wyvernworksfirewall.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\xp_antispyware.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\xpdeluxe.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\xpf202en.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File Execution Options\zapro.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\zapsetup3001.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\zatutor.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\zonalm2601.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Image File execution Options\zonealarm.exe"
Present !! : HKCR\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
Present !! : HKCU\Software\YVIBBBHA8C
Present !! :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net
Present !! : HKLM\SYSTEM\ControlSet001\Enum\Root\Legacy_SSHNAS
Present !! : HKLM\SYSTEM\ControlSet001\Services\SSHNAS
Present !! : HKLM\SYSTEM\ControlSet002\Enum\Root\Legacy_SSHNAS
Present !! : HKLM\SYSTEM\ControlSet002\Services\SSHNAS
Present !! : HKLM\SYSTEM\CurrentControlSet\Enum\Root\Legacy_SSHNAS
Present !! : HKLM\SYSTEM\CurrentControlSet\Services\SSHNAS

============

Réponse 14 / 56

Agamemnon
30 avril 2010 à 14:36

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector

by Gmer, http://www.gmer.net
Rootkit scan 2010-04-30 13:42:25
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe

1????????????????????????????????????????????????
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Le Petit Robert Hyperappel = C:\Program Files\Le Robert\Le Petit

Robert\prhyper.exe?????|@??|????=??|m??|????8???@???h8??????~??????

?????????????????????[o?????????|3??|t?&?h8??g???????4??????????|@?

?|????=??|???|????????h8?????????????|????h8??t?r?u?e??????

?M????????4?&?????T?&?? ?M

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer,

http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll

>>UNKNOWN [0x88CD9EE4]<<
kernel: MBR read successfully
user & kernel MBR OK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
FirstRunDisabled REG_DWORD 1 (0x1)
AntiVirusDisableNotify REG_DWORD 0 (0x0)
FirewallDisableNotify REG_DWORD 0 (0x0)
UpdatesDisableNotify REG_DWORD 0 (0x0)
AntiVirusOverride REG_DWORD 0 (0x0)
FirewallOverride REG_DWORD 0 (0x0)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

End of scan : 13:42:26,78

Réponse 15 / 56

Agamemnon
30 avril 2010 à 14:37

Voilà, tout est posté.

Ca me semble un peu long j'espere que c est normal!

Réponse 16 / 56

Agamemnon
30 avril 2010 à 23:12

Ha ok lol, quelle saleté.

je vais lancer l'option clean et scane le resultat,

merci beaucoup

Réponse 17 / 56

Utilisateur anonyme
30 avril 2010 à 23:15

ok à lire le rapport

Réponse 18 / 56

Agamemnon
30 avril 2010 à 23:20

Kill'em by g3n-h@ckm@n 1.7.2.5

User : manage (Administrateurs)
Update on 29/04/2010 by g3n-h@ckm@n ::::: 21.00
Start at: 17:55:01 | 30/04/2010

Intel(R) Celeron(R) CPU E1400 @ 2.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : My Security Engine [ Enabled | Updated ]
FW : My Security Engine[ Enabled ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local | 39,06 Go (26,8 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque fixe local | 109,99 Go (109,78 Go free) [Disque local ] | NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque fixe local | 1397,27 Go (1319,23 Go free) [Elements] | NTFS

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Tlefua.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system\lsm.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\List_Kill'em\ERUNT.EXE
C:\Program Files\List_Kill'em\pv.exe

¤¤¤¤¤¤¤¤¤¤ Files/folders :

Quarantined & Deleted !! : C:\Program Files\ezLife
Quarantined & Deleted !! : C:\Program Files\Mozilla Firefox\Components\ffxShot.dll
Quarantined & Deleted !! : C:\Program Files\Mozilla Firefox\components\nsFFxSHot.xpt
Quarantined & Deleted !! : C:\WINDOWS\SET1C.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET1D.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET1F.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET20.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET2B.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET2C.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET3.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET4.tmp
Quarantined & Deleted !! : C:\WINDOWS\SET8.tmp

Quarantined & Deleted !! : C:\WINDOWS\System32\404Fix.exe
Quarantined & Deleted !! : C:\WINDOWS\System32\dumphive.exe
Quarantined & Deleted !! : C:\WINDOWS\System32\IEDFix.exe
Quarantined & Deleted !! : C:\WINDOWS\System32\Process.exe
Quarantined & Deleted !! : C:\WINDOWS\System32\SrchSTS.exe
Quarantined & Deleted !! : C:\WINDOWS\System32\sshnas21.dll
Quarantined & Deleted !! : C:\WINDOWS\System32\tmp.reg
Quarantined & Deleted !! : C:\WINDOWS\System32\VACFix.exe
Quarantined & Deleted !! : C:\WINDOWS\System32\VCCLSID.exe
Quarantined & Deleted !! : C:\WINDOWS\System32\WS2Fix.exe
Quarantined & Deleted !! : C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
Quarantined & Deleted !! : C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
Quarantined & Deleted !! : C:\Documents and Settings\manage\Local Settings\Temp\a.dat
Quarantined & Deleted !! : C:\Documents and Settings\manage\LOCAL Settings\Temp\saqpggfo.dat
Quarantined & Deleted !! : C:\Documents and Settings\manage\Recent\ddv.dll
Quarantined & Deleted !! : C:\Documents and Settings\manage\Recent\eb.sys
Quarantined & Deleted !! : C:\Documents and Settings\manage\Recent\exec.tmp
Quarantined & Deleted !! : C:\Documents and Settings\manage\Recent\PE.tmp

=======
Hosts :
=======

#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
74.125.45.100 4-open-davinci.com
74.125.45.100 securitysoftwarepayments.com
74.125.45.100 privatesecuredpayments.com
74.125.45.100 secure.privatesecuredpayments.com
74.125.45.100 getantivirusplusnow.com
74.125.45.100 secure-plus-payments.com
74.125.45.100 www.getantivirusplusnow.com
74.125.45.100 www.secure-plus-payments.com
74.125.45.100 www.getavplusnow.com
74.125.45.100 safebrowsing-cache.google.com
74.125.45.100 urs.microsoft.com
74.125.45.100 www.securesoftwarebill.com
74.125.45.100 secure.paysecuresystem.com
74.125.45.100 paysoftbillsolution.com
74.125.45.100 protected.maxisoftwaremart.com

========

Réponse 19 / 56

Agamemnon
30 avril 2010 à 23:21

Registry
========

Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c
Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Deleted : "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\_avp32.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\_avpcc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\_avpm.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\~1.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\~2.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\a.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\aAvgApi.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AAWTray.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\About.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ackwin32.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\adaware.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\Ad-Aware.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\advxdwin.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AdwarePrj.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\agent.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\agentsvr.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\agentw.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\alertsvc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\alevir.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\alogserv.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AlphaAV"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AlphaAV.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AluSchedulerSvc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\amon9x.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AntispywarXP2009.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\anti-trojan.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\Anti-Virus Professional.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\antivirus.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AntiVirus_Pro.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AntivirusPlus"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AntivirusPlus.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AntivirusPro_2010.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AntivirusXP"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AntivirusXP.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\antivirusxppro2009.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ants.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\apimonitor.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\aplica32.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\apvxdwin.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\arr.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\Arrakis3.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashAvast.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashBug.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashChest.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashCnsnt.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashLogV.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashMaiSv.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashPopWz.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashQuick.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashServ.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashSimp2.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashSimpl.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashSkPcc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashSkPck.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashUpd.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ashWebSv.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\aswChLic.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\aswRegSvr.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\aswRunDll.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\atcon.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\atguard.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\atro55en.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\atupdater.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\atwatch.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\au.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\aupdate.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\auto-protect.nav80try.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\autodown.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\autotrace.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\autoupdate.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\av360.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avadmin.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AVCare.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avcenter.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avciman.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avconfig.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avconsol.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ave32.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AVENGINE.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgcc32.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgchk.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgcmgr.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgcsrvx.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgctrl.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgdumpx.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgemc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgiproxy.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgnsx.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgnt.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgrsx.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgscanx.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgserv.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgserv9.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgsrmax.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgtray.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgui.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgupd.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgw.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avgwdsvc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avkpop.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avkserv.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avkservice.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avkwctl9.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avltmain.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avmailc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avmcdlg.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avnotify.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avnt.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avp32.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avpcc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avpdos32.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avpm.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avptc32.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avpupd.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avsched32.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avsynmgr.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avupgsvc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\AVWEBGRD.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avwin.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avwin95.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avwinnt.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avwsc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avwupd.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avwupd32.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avwupsrv.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avxmonitor9x.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avxmonitornt.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\avxquar.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\b.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\backweb.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bargains.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bd_professional.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdagent.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdfvcl.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdfvwiz.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\BDInProcPatch.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdmcon.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\BDMsnScan.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdreinit.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdsubwiz.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\BDSurvey.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bdwizreg.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\beagle.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\belt.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bidef.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bidserver.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bipcp.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bipcpevalsetup.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bisp.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\blackd.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\blackice.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\blink.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\blss.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bootconf.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bootwarn.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\borg2.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bpc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\brasil.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\brastk.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\brw.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bs120.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bspatch.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bundle.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\bvt.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\c.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\cavscan.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ccapp.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ccevtmgr.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ccpxysvc.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\ccSvcHst.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\cdp.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\cfd.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\cfgwiz.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\cfiadmin.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\cfiaudit.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\cfinet.exe"

Réponse 20 / 56

Utilisateur anonyme
30 avril 2010 à 23:21

il manque un gros bout !

Utilisateur anonyme
30 avril 2010 à 23:22

ne fais pas de transactions avec ton pc pour l instant

Discussions similaires

Code de réinitialisation mdp facebook sans le demander

Myreadingmanga pourquoi je ne peux plus me connecter

Analyse de l'appli "AI SECURITY"

problème myreadingmanga (message erreur)

Comment supprimer le virus Trojan