Tout plein de virus!!

Résolu
Bones -  
 Utilisateur anonyme -
Bonjour,

J'ai plein de virus sur mon PC, et j'aimerais savoir comment m'en débarasser. Je n'ai plus accès au Gestionnaire des tâches et j'ai essayé par tous les moyens de l'ouvrir (Ctrl+Alt+suppr, avec la barre des tâches, avec l'application "Exécuter"...) et aucun des antivirus que je télécharge ne fonctionne. J'ai essayé un scan en ligne avec Spybot Search & Destroy qui ne marche pas non plus. Mon ancien Antivirus refuse de s'ouvrir et même si je fais tout ça en mode sans échec, rien ne marche. De plus, je reçoit des avertissements d'un Antivirus que je n'ai jamais télécharger. J'ai essayé de le supprimer de mon ordinateur, sans succès, et je me doute bien que la source du virus est là.

Il ne me reste donc, j'espère, qu'un tout dernier espoir, avant de devoir réinstaller Windows au complet: le Registre.

Comme je n'ai aucune idée de la façon dont il fonctionne, je voudrais savoir s'il est possible de supprimer des fichiers dangereux à partir du Registre.

Si vous avez d'autres suggestions de solutions à mon problème, merci de les écrire.

A voir également:

27 réponses

  • 1
  • 2
Réponse 1 / 27
Utilisateur anonyme
 
Bonjour
Tu as un rogue dans ton PC

Télécharge rkill depuis l'un des liens ci-dessous:

http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com
https://download.bleepingcomputer.com/grinler/rkill.exe

Enregistre le fichier sur le Bureau.
Désactive le module résident de l'antivirus et celui de l'antispyware.
Faire un double clic sur le fichier rkill téléchargé pour lancer l'outil.
Pour Vista, faire un clic droit sur le fichier [b]rkill/b téléchargé puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
Une fenêtre à fond noir va apparaître brièvement, puis disparaître.
Si rien ne se passe, ou si l'outil ne se lance pas, télécharger l'outil depuis un autre des quatre liens ci-dessus et faire une nouvelle tentative d'exécution

Télécharge malwarebytes' anti-malware
http://mbam.malwarebytes.org/program/mbam-setup.exe
Enregistre le sur le bureau
Double-clique sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation
Si la pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
Il va se mettre à jour une fois faite
Va dans l'onglet recherche
Sélectionne exécuter un examen complet
Clique sur rechercher
Le scan démarre
A la fin de l'analyse, le message s'affiche: L'examen s'est terminé normalement.
Clique sur afficher les résultats pour afficher les objets trouvés
Clique sur OK pour pousuivre
Si des malwares ont été détectés, cliquer sur afficher les résultats
Sélectionne tout (ou laisser coché)
Clique sur supprimer la sélection
Malwarebytes va détruire les fichiers et les clés de registre et en mettre une
copie dans la quarantaine
Malewarebytes va ouvrir le bloc-note et y copier le rapport
Redémarre le PC
Une fois redémarré, double-clique sur Malewarebytes
Va dans l'onglet rapport/log
Clique dessus pour l'afficher une fois affiché, cliquer sur édition en haut du
bloc-note puis sur sélectionner tout
Revient sur édition, puis sur copier et revient sur le forum et dans ta réponse
Clic droit dans le cadre de la réponse et coller



0
Bones
 
Le lien pour malwarebytes' anti-malware ne fonctionne pas.. Y a-t-il une autre manière d'y accéder? Puis quand je clique sur le fichier rkill, la fenêtre noire apparaît et disparaît, puis une page du bloc note s'ouvre. Es-ce normal?
0
Réponse 2 / 27
Utilisateur anonyme
 
Ne redémarre surtout pas ton PC

Avant de commencer, fait une sauvegarde de tous tes documents
Attention, cet outil n'est pas à utiliser à la légère, et doit
être recommandé que par une personne formée à cet outil
Imprime la procédure

Télécharge ComboFix renommé Bones de sUBs sur ton Bureau :
http://sd-1.archive-host.com/membres/up/203669918515832581/Bones.exe
tutoriel pour bien utiliser l'outil
http://www.bleepingcomputer.com/combofix/fr/comment-utiliser­-combofix

/!\ Déconnecte-toi du net et DESACTIVE TOUTES LES DEFENSES, antivirus et antispyware y compris /!\
---> Double-clique sur Bones.exe
Un "pop-up" va apparaître qui dit que ComboFix est utilisé à vos risques et avec aucune garantie... Clique sur oui pour accepter
Surtout, accepte d'installer la console de récupération
---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

Ne touche à rien(souris, clavier) tant que le scan n'est pas terminé, car tu risques de figer ton PC

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\ComboFix.txt


0
Bones
 
Wow, tu as l'air bien informé(e).. Je suis désolée de ce contretemps mais j'ai enfin réussi à télécharger Malwarebytes anti-malware... Je vais donc suivre tes autres instructions... Je suis vraiment désolée.
0
Réponse 3 / 27
Utilisateur anonyme
 
J'attendrai le résultat
0
Bones
 
Je n'arrive pas à coller le rapport du bloc note sur le forum, comme si le document était trop gros. Je vais le séparer en deux parties et les coller sur le forum.
0
Bones
 
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-08-12 09:53:56
mbam-log-2010-08-12 (09-53-56).txt

Type d'examen: Examen complet (A:\|C:\|D:\|)
Elément(s) analysé(s): 170502
Temps écoulé: 29 minute(s), 50 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 765
Valeur(s) du Registre infectée(s): 17
Elément(s) de données du Registre infecté(s): 9
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
0
Bones
 
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brastk.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsAuxs.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsGui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsSvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdfndr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smart.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~1.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aavgapi.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aawtray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\about.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ackwin32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ad-aware.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adwareprj.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alevir.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alogserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aluschedulersvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
0
Bones
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\amon9x.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\anti-trojan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus_pro.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusplus (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusplus.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxp (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxppro2009.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ants.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apimonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aplica32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apvxdwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashavast.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashbug.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashchest.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashcnsnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashdisp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashlogv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashmaisv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashpopwz.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashquick.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashsimp2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashsimpl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashskpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashskpck.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashwebsv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswchlic.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswregsvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswrundll.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswupdsv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atro55en.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atupdater.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\au.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\auto-protect.nav80try.exe (Security.Hijack) -> Quarantined and deleted successfully.
0
Bones
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\auto-protect.nav80try.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autodown.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autotrace.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\av360.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcare.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avciman.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ave32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avengine.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgchk.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgdumpx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgemc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnsx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrsx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgscanx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv9.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgsrmax.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgtray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkpop.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkservice.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avkwctl9.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmailc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmcdlg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avnotify.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpdos32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avptc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsched32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsynmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avupgsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwebgrd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwin95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwinnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwsc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwupsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitor9x.exe (Security.Hijack) -> Quarantined and deleted successfully.
0
Réponse 4 / 27
Utilisateur anonyme
 
Sacrément infecté
Si le rapport est trop long, héberge le
Puis vide la quarantaine de Malwarebytes
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 27
Utilisateur anonyme
 
Tu avais fait le plein de nuisibles, en plus un détournement DNS
Tu vas plutôt me faire ceci
* Télécharge ZHPDiag (de Nicolas Coolman)
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
Héberge le rapport ICI


0
Bones
 
Ça dit que je ne peux pas déposer de fichiers avec l'extension .exe
0
Réponse 6 / 27
Utilisateur anonyme
 
C'est le rapport de ZHPDiag que tu dois déposer, c'est un fichier.txt
0
Bones
 
Je crois que j'ai réussi.. Tu as besoin du lien?
0
Réponse 7 / 27
Utilisateur anonyme
 
Oui, donne moi le lien
0
Bones
 
http://www.cijoint.fr/cjlink.php?file=cj201008/cijfCR3Oo3.txt
0
Réponse 8 / 27
Utilisateur anonyme
 
On va faire le nettoyage en 2 étapes

Copie les lignes suivantes en gras ci dessous, c'est à dire
que tu sélectionnes les lignes indiquées en gras avec ta souris, tu fait
clic droit dessus>copier

O4 - HKCU\..\Run: [WindowsSysControl] C:\Documents and Settings\Stephanie\Application Data\winscdrn.exe (.not file.)
O4 - HKCU\..\Run: [EBUNWVLUMV] C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\Hvh.exe (.not file.)
O4 - HKCU\..\Run: [Security Master AV] . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\All Users\Application Data\12ba556\SM12ba_302.exe
O4 - HKUS\S-1-5-21-1085031214-1547161642-682003330-1004\..\Run: [WindowsSysControl] C:\Documents and Settings\Stephanie\Application Data\winscdrn.exe (.not file.)
O4 - HKUS\S-1-5-21-1085031214-1547161642-682003330-1004\..\Run: [Security Master AV] . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\All Users\Application Data\12ba556\SM12ba_302.exe
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[HKCU\Software\EBUNWVLUMV]
[HKCU\Software\V71IQL7HI7]
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Stephanie\Application Data\winscdrn.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Documents and Settings\Stephanie\Application Data\winscdrn.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\All Users\Application Data\12ba556\SM12ba_302.exe" [Enabled] .(.Pas de propriétaire - .) (.not file.) -- C:\Documents and Settings\All Users\Application Data\12ba556\SM12ba_302.exe
HOSTFix

* Lance ZHPFix, soit à partir d'un raccourci sur le bureau, soit à partir de
ZHPDiag (avec Vista/Seven, clic droit dessus, et sur exécuter en
tant qu'administrateur)
* Clique sur l'icône représentant la lettre H, cela collera les lignes que tu
as mis en mémoire
* Clique sur OK, sur Tous, puis sur Nettoyer
* Copie/colle la totalité du rapport dans ta prochaine réponse
0
Bones
 
Ça me dit "Impossible de créer le fichier (nom du fichier). Accès refusé."
0
Réponse 9 / 27
Utilisateur anonyme
 
Est-ce que l'outil a fait le nettoyage ?
0
Bones
 
Je crois que j'ai trouvé une solution.. Dis moi si c'est correct:

Rapport de ZHPFix v1.12.3134 par Nicolas Coolman, Update du 12/08/2010
Fichier d'export Registre : C:\ZHPExportRegistry-2010-08-12-12-09-29.txt
Run by Stephanie at 2010-08-12 12:09:29
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Clé(s) du Registre ==========
HKCU\Software\EBUNWVLUMV => Clé absente
HKCU\Software\V71IQL7HI7 => Clé absente

========== Valeur(s) du Registre ==========
O4 - HKCU\..\Run: [WindowsSysControl] C:\Documents and Settings\Stephanie\Application Data\winscdrn.exe (.not file.) => Valeur absente
O4 - HKCU\..\Run: [EBUNWVLUMV] C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\Hvh.exe (.not file.) => Valeur absente
O4 - HKCU\..\Run: [Security Master AV] . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\All Users\Application Data\12ba556\SM12ba_302.exe => Valeur absente
O4 - HKUS\S-1-5-21-1085031214-1547161642-682003330-1004\..\Run: [WindowsSysControl] C:\Documents and Settings\Stephanie\Application Data\winscdrn.exe (.not file.) => Valeur absente
O4 - HKUS\S-1-5-21-1085031214-1547161642-682003330-1004\..\Run: [Security Master AV] . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\All Users\Application Data\12ba556\SM12ba_302.exe => Valeur absente
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Stephanie\Application Data\winscdrn.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Documents and Settings\Stephanie\Application Data\winscdrn.exe => Valeur absente
O47 - AAKE:Key Export SP - "C:\Documents and Settings\All Users\Application Data\12ba556\SM12ba_302.exe" [Enabled] .(.Pas de propriétaire - .) (.not file.) -- C:\Documents and Settings\All Users\Application Data\12ba556\SM12ba_302.exe => Valeur absente

========== Fichier(s) ==========
c:\windows\tasks\{8c3fdd81-7ae0-4605-a46a-2488b179f2a3}.job => Fichier absent


========== Récapitulatif ==========
2 : Clé(s) du Registre
7 : Valeur(s) du Registre
1 : Fichier(s)


End of the scan
0
Bones
 
Je ne pouvais pas tout cocher, l'ordinateur me refusait l'accès à "HOSTFix"... Je l'ai décoché et l'outil a pu faire le nettoyage.
0
Réponse 10 / 27
Utilisateur anonyme
 
Copie les lignes suivantes en gras ci dessous, c'est à dire
que tu sélectionnes les lignes indiquées en gras avec ta souris, tu fait
clic droit dessus>copier

O50 - IFEO:Image File Execution Options - a.exe - svchost.exe
O50 - IFEO:Image File Execution Options - aAvgApi.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AAWTray.exe - svchost.exe
O50 - IFEO:Image File Execution Options - About.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ackwin32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - Ad-Aware.exe - svchost.exe
O50 - IFEO:Image File Execution Options - adaware.exe - svchost.exe
O50 - IFEO:Image File Execution Options - advxdwin.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AdwarePrj.exe - svchost.exe
O50 - IFEO:Image File Execution Options - agent.exe - svchost.exe
O50 - IFEO:Image File Execution Options - agentsvr.exe - svchost.exe
O50 - IFEO:Image File Execution Options - agentw.exe - svchost.exe
O50 - IFEO:Image File Execution Options - alertsvc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - alevir.exe - svchost.exe
O50 - IFEO:Image File Execution Options - alogserv.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AlphaAV - svchost.exe
O50 - IFEO:Image File Execution Options - AlphaAV.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AluSchedulerSvc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - amon9x.exe - svchost.exe
O50 - IFEO:Image File Execution Options - anti-trojan.exe - svchost.exe
O50 - IFEO:Image File Execution Options - Anti-Virus Professional.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AntispywarXP2009.exe - svchost.exe
O50 - IFEO:Image File Execution Options - antivirus.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AntivirusPlus - svchost.exe
O50 - IFEO:Image File Execution Options - AntivirusPlus.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AntivirusPro_2010.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AntivirusXP - svchost.exe
O50 - IFEO:Image File Execution Options - AntivirusXP.exe - svchost.exe
O50 - IFEO:Image File Execution Options - antivirusxppro2009.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AntiVirus_Pro.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ants.exe - svchost.exe
O50 - IFEO:Image File Execution Options - apimonitor.exe - svchost.exe
O50 - IFEO:Image File Execution Options - aplica32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - apvxdwin.exe - svchost.exe
O50 - IFEO:Image File Execution Options - arr.exe - svchost.exe
O50 - IFEO:Image File Execution Options - Arrakis3.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashAvast.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashBug.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashChest.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashCnsnt.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashDisp.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashLogV.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashMaiSv.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashPopWz.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashQuick.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashServ.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashSimp2.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashSimpl.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashSkPcc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashSkPck.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashUpd.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ashWebSv.exe - svchost.exe
O50 - IFEO:Image File Execution Options - aswChLic.exe - svchost.exe
O50 - IFEO:Image File Execution Options - aswRegSvr.exe - svchost.exe
O50 - IFEO:Image File Execution Options - aswRunDll.exe - svchost.exe
O50 - IFEO:Image File Execution Options - aswUpdSv.exe - svchost.exe
O50 - IFEO:Image File Execution Options - atcon.exe - svchost.exe
O50 - IFEO:Image File Execution Options - atguard.exe - svchost.exe
O50 - IFEO:Image File Execution Options - atro55en.exe - svchost.exe
O50 - IFEO:Image File Execution Options - atupdater.exe - svchost.exe
O50 - IFEO:Image File Execution Options - atwatch.exe - svchost.exe
O50 - IFEO:Image File Execution Options - au.exe - svchost.exe
O50 - IFEO:Image File Execution Options - aupdate.exe - svchost.exe
O50 - IFEO:Image File Execution Options - auto-protect.nav80try.exe - svchost.exe
O50 - IFEO:Image File Execution Options - autodown.exe - svchost.exe
O50 - IFEO:Image File Execution Options - autotrace.exe - svchost.exe
O50 - IFEO:Image File Execution Options - autoupdate.exe - svchost.exe
O50 - IFEO:Image File Execution Options - av360.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avadmin.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AVCare.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avcenter.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avciman.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avconfig.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avconsol.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ave32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AVENGINE.EXE - svchost.exe
O50 - IFEO:Image File Execution Options - avgcc32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgchk.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgcmgr.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgcsrvx.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgctrl.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgdumpx.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgemc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgiproxy.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgnsx.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgnt.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgrsx.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgscanx.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgserv.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgserv9.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgsrmax.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgtray.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgui.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgupd.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgw.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avgwdsvc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avkpop.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avkserv.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avkservice.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avkwctl9.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avltmain.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avmailc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avmcdlg.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avnotify.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avnt.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avp32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avpcc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avpdos32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avpm.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avptc32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avpupd.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avsched32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avsynmgr.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avupgsvc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - AVWEBGRD.EXE - svchost.exe
O50 - IFEO:Image File Execution Options - avwin.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avwin95.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avwinnt.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avwsc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avwupd.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avwupd32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avwupsrv.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avxmonitor9x.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avxmonitornt.exe - svchost.exe
O50 - IFEO:Image File Execution Options - avxquar.exe - svchost.exe
O50 - IFEO:Image File Execution Options - b.exe - svchost.exe
O50 - IFEO:Image File Execution Options - backweb.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bargains.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bdagent.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bdfvcl.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bdfvwiz.exe - svchost.exe
O50 - IFEO:Image File Execution Options - BDInProcPatch.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bdmcon.exe - svchost.exe
O50 - IFEO:Image File Execution Options - BDMsnScan.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bdreinit.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bdsubwiz.exe - svchost.exe
O50 - IFEO:Image File Execution Options - BDSurvey.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bdtkexec.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bdwizreg.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bd_professional.exe - svchost.exe
O50 - IFEO:Image File Execution Options - beagle.exe - svchost.exe
O50 - IFEO:Image File Execution Options - belt.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bidef.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bidserver.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bipcp.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bipcpevalsetup.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bisp.exe - svchost.exe
O50 - IFEO:Image File Execution Options - blackd.exe - svchost.exe
O50 - IFEO:Image File Execution Options - blackice.exe - svchost.exe
O50 - IFEO:Image File Execution Options - blink.exe - svchost.exe
O50 - IFEO:Image File Execution Options - blss.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bootconf.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bootwarn.exe - svchost.exe
O50 - IFEO:Image File Execution Options - borg2.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bpc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - brasil.exe - svchost.exe
O50 - IFEO:Image File Execution Options - brastk.exe - svchost.exe
O50 - IFEO:Image File Execution Options - brw.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bs120.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bspatch.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bundle.exe - svchost.exe
O50 - IFEO:Image File Execution Options - bvt.exe - svchost.exe
O50 - IFEO:Image File Execution Options - c.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cavscan.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ccapp.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ccevtmgr.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ccpxysvc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - ccSvcHst.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cdp.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cfd.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cfgwiz.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cfiadmin.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cfiaudit.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cfinet.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cfinet32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cfp.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cfpconfg.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cfplogvw.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cfpupdat.exe - svchost.exe
O50 - IFEO:Image File Execution Options - Cl.exe - svchost.exe
O50 - IFEO:Image File Execution Options - claw95.exe - svchost.exe
O50 - IFEO:Image File Execution Options - claw95cf.exe - svchost.exe
O50 - IFEO:Image File Execution Options - clean.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cleaner.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cleaner3.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cleanIELow.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cleanpc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - click.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cmd32.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cmdagent.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cmesys.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cmgrdian.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cmon016.exe - svchost.exe
O50 - IFEO:Image File Execution Options - connectionmonitor.exe - svchost.exe
O50 - IFEO:Image File Execution Options - control - svchost.exe
O50 - IFEO:Image File Execution Options - cpd.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cpf9x206.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cpfnt206.exe - svchost.exe
O50 - IFEO:Image File Execution Options - crashrep.exe - svchost.exe
O50 - IFEO:Image File Execution Options - csc.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cssconfg.exe - svchost.exe
O50 - IFEO:Image File Execution Options - cssupdat.exe - svchost.exe

* Lance ZHPFix, soit à partir d'un raccourci sur le bureau, soit à partir de
ZHPDiag (avec Vista/Seven, clic droit dessus, et sur exécuter en
tant qu'administrateur)
* Clique sur l'icône représentant la lettre H, cela collera les lignes que tu
as mis en mémoire
* Clique sur OK, sur Tous, puis sur Nettoyer
* Copie/colle la totalité du rapport dans ta prochaine réponse
0
Bones
 
Rapport de ZHPFix v1.12.3134 par Nicolas Coolman, Update du 12/08/2010
Fichier d'export Registre : C:\ZHPExportRegistry-2010-08-12-12-26-41.txt
Run by Stephanie at 2010-08-12 12:26:41
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Clé(s) du Registre ==========
O50 - IFEO:Image File Execution Options - a.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - aAvgApi.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - AAWTray.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - About.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - ackwin32.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - Ad-Aware.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - adaware.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - advxdwin.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - AdwarePrj.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - agent.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - agentsvr.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - agentw.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - alertsvc.exe - svchost.exe => Clé absente
O50 - IFEO:Image File Execution Options - alevir.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - alogserv.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AlphaAV - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AlphaAV.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AluSchedulerSvc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - amon9x.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - anti-trojan.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - Anti-Virus Professional.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AntispywarXP2009.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - antivirus.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AntivirusPlus - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AntivirusPlus.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AntivirusPro_2010.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AntivirusXP - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AntivirusXP.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - antivirusxppro2009.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AntiVirus_Pro.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ants.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - apimonitor.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - aplica32.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - apvxdwin.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - arr.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - Arrakis3.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashAvast.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashBug.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashChest.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashCnsnt.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashDisp.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashLogV.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashMaiSv.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashPopWz.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashQuick.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashServ.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashSimp2.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashSimpl.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashSkPcc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashSkPck.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashUpd.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ashWebSv.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - aswChLic.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - aswRegSvr.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - aswRunDll.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - aswUpdSv.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - atcon.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - atguard.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - atro55en.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - atupdater.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - atwatch.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - au.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - aupdate.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - auto-protect.nav80try.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - autodown.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - autotrace.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - autoupdate.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - av360.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avadmin.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AVCare.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avcenter.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avciman.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avconfig.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avconsol.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ave32.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AVENGINE.EXE - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgcc32.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgchk.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgcmgr.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgcsrvx.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgctrl.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgdumpx.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgemc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgiproxy.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgnsx.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgnt.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgrsx.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgscanx.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgserv.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgserv9.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgsrmax.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgtray.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgui.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgupd.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgw.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avgwdsvc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avkpop.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avkserv.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avkservice.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avkwctl9.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avltmain.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avmailc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avmcdlg.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avnotify.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avnt.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avp32.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avpcc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avpdos32.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avpm.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avptc32.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avpupd.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avsched32.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avsynmgr.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avupgsvc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - AVWEBGRD.EXE - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avwin.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avwin95.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avwinnt.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avwsc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avwupd.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avwupd32.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avwupsrv.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avxmonitor9x.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avxmonitornt.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - avxquar.exe - svchost.exe => Clé supprimée avec succès
0
Bones
 
O50 - IFEO:Image File Execution Options - b.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - backweb.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bargains.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bdagent.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bdfvcl.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bdfvwiz.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - BDInProcPatch.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bdmcon.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - BDMsnScan.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bdreinit.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bdsubwiz.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - BDSurvey.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bdtkexec.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bdwizreg.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bd_professional.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - beagle.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - belt.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bidef.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bidserver.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bipcp.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bipcpevalsetup.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bisp.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - blackd.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - blackice.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - blink.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - blss.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bootconf.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bootwarn.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - borg2.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bpc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - brasil.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - brastk.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - brw.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bs120.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bspatch.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bundle.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - bvt.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - c.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cavscan.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ccapp.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ccevtmgr.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ccpxysvc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - ccSvcHst.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cdp.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cfd.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cfgwiz.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cfiadmin.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cfiaudit.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cfinet.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cfinet32.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cfp.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cfpconfg.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cfplogvw.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cfpupdat.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - Cl.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - claw95.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - claw95cf.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - clean.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cleaner.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cleaner3.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cleanIELow.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cleanpc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - click.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cmd32.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cmdagent.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cmesys.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cmgrdian.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cmon016.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - connectionmonitor.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - control - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cpd.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cpf9x206.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cpfnt206.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - crashrep.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - csc.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cssconfg.exe - svchost.exe => Clé supprimée avec succès
O50 - IFEO:Image File Execution Options - cssupdat.exe - svchost.exe => Clé supprimée avec succès


========== Récapitulatif ==========
202 : Clé(s) du Registre


End of the scan
0
Bones
 
J'ai encore du le coller en plusieurs parties (2).. Je suis désolée et merci infiniment pour ton temps.
0
Réponse 11 / 27
Utilisateur anonyme
 
Cela avance, c'est encourageant, mais on a pas fini
Met à jour Malwarebytes, et fait moi un scan complet, il risque de trouver
encore de nombreux éléments infectieux, il faut affaiblir ce rogue
Tu avais plusieurs rogues dans ton PC

Je verrai cela plus tard dans la soirée
0
Bones
 
D'accord, je te remercie beaucoup. Je vais faire le scan avec Malwarebytes et coller la réponse ici. Comme ça, elle sera prête pour toi quand tu voudras la consulter. Encore merci.
0
Bones
 
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4422

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-08-12 13:20:28
mbam-log-2010-08-12 (13-20-28).txt

Type d'examen: Examen complet (A:\|C:\|D:\|)
Elément(s) analysé(s): 187492
Temps écoulé: 35 minute(s), 4 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 564
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 7
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 20

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~1.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cssurf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cwnb181.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cwntdwmo.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\d.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\datemanager.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dcomx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defalert.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defscangui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deloeminfs.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deputy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllcache.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllreg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\doors.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dop.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpfsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpps2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\driverctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwatson.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drweb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwebupw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dssagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95_0.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ecengine.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\efpeadm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\emsw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\esafe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\escanhnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\escanv95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\espwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ethereal.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\etrustcipe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\evpn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exantivirus-cnet.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exe.avxw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\expert.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explore.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-agnt95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\f-stopw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fact.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fameh32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fast.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fch32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fih32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\findviru.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firewall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixcfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixfp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fnrb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win_trial.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fprot.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frmwrk32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsaa.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530stbyb.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530wtbyb.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsgk32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsm32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsma32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsmb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
0
Bones
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gator.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbmenu.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbn976rl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbpoll.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\generics.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gmt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guard.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guarddog.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hacktracersetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hbinst.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hbsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\history.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\homeav2010.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hotactio.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hotpatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htlog.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htpatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hwpe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hxdl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hxiul.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamapp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamstats.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ibmasn.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ibmavsp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icload95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icloadnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icsupp95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icsuppnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\identity.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\idle.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iedll.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iedriver.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ieshow.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iface.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ifw2000.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\inetlnfo.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infus.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[1].exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[2].exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[3].exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[4].exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install[5].exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\intdel.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\intren.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iomon98.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\istsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jammer.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jdbgmrg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jedi.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jsrcgen.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavlite40eng.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpers40eng.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kazza.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\keenvalue.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-pf-213-en-win.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrl-421-en-win.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrp-421-en-win.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\killprocesssetup161.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\launcher.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldnetmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpro.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpromenu.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
0
Bones
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\licmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lnetinfo.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loader.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\localnet.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown2000.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lookout.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lordpe.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luau.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lucomserver.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luinit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\luspt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\malwareremoval.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mapisvc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmnhdlr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmscsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcnasvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsacore.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshell.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mctool.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsrte.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsshld.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\md.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfin32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfw2en.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfweng3.02d30.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgavrtcl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgavrte.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mghtml.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\minilog.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmod.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\monitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\moolive.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpfagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpfservice.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpfsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpftray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mrflux.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mrt.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msa.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msapp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msbb.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msblast.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscache.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msccn32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscman.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msdm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msdos.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msfwsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msiexec16.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mslaugh.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmgt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmsgri32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mssmmc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mssys.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msvxd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mu0311ad.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\n32scanw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navap.navapsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapw32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navdx.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navlu32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
0
Bones
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navstub.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navwnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nc2000.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ncinst4.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ndd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neomonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neowatchlog.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netarmor.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netinfo.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netscanpro.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netspyhunter-1.2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netutils.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nisserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nisum.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nmain.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\normist.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\norton_Internet_secu_3.0_407.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notstart.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npf40_tw_98_nt_me_2k.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npfmessenger.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nprotect.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npscheck.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npssvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nsched32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nssys32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nstask32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nsupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntrtscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntvdm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntxconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nupgrade.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvarch16.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvc95.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvsvc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwinst4.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwservice.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwtool16.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oacat.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oahlp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oareg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oasrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oaui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oaview.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OcHealthMon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\odsw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ollydbg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onsrvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\optimize.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ostronet.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\otfix.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpost.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpostinstall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpostproinstall.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\padmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\panixk.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\patch.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavcl.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavfnsvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavprsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsched.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsrv51.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pc_antispyware2010.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pccwin98.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcfwallicon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcip10117_0.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsAuxs.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsGui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsSvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdfndr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\peravir.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\periscope.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\persfw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\perswf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pf2.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pfwadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pgmonitr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pingscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe (Security.Hijack) -> Quarantined and deleted successfully.
0
Réponse 12 / 27
Utilisateur anonyme
 
C:\WINDOWS\system32\drivers\cebhqkpk.sys (Rootkit.Bubnix)
C'est moins drôle ce truc
Déjà une bonne chose, on a réussit à shooter ce maudit rogue
Vide la quarantaine de Malwarebytes

Fait moi ceci maintenant
https://forums.commentcamarche.net/forum/affich-18812124-tout-plein-de-virus#4

0
Bones
 
L'ordinateur n'a pas redémaré et aucune demande n'a été faite. Dois-je le redémarrer moi-même pour finaliser?
0
Réponse 13 / 27
Utilisateur anonyme
 
Bonjour,
Il aurai fallu redémarrer le PC pour finaliser la suppression

Pourrai tu me refaire ZHPDiag pour voir où cela en ai, et héberge le rapport
0
Bones
 
Sans vouloir t'ennuyer, je ne sais toujours pas ce que tu veux dire par "héberge le rapport".. Je le met sur le site de dépot de fichier. Si c'est ça, héberger un rapport, tant mieux :). Je te remercie pour tout ton temps.

Voici le lien: http://www.cijoint.fr/cjlink.php?file=cj201008/cijMaLYScW.txt

Si ce n'est pas ça, héberger le rapport, explique moi, s'il-te-plaît.
0
Réponse 14 / 27
Utilisateur anonyme
 
C'est ce que tu as fait, tu as hébergé le rapport
C'est beaucoup mieux
J'analyse le rapport, et je te redits cela
Surtout, évite de trop surfer, car tu as encore les fichiers host modifiés
qui pourraient te rediriger vers des sites de rogues
O.o°*??? Ex Nathandre aux 12938 messages depuis le 27.10.2008 °.Oø¤º°'°º¤ø
0
Réponse 15 / 27
Utilisateur anonyme
 
Tu vas faire ceci en mode sans échec
Imprime d'abord la procédure, et télécharge l'outil avant

Télécharge HostsXpert sur ton Bureau :
https://www.clubic.com/telecharger-fiche185974-hostsxpert.html
Décompresse-le (Clic droit >> Extraire ici)
Double-clique sur HostsXpert pour le lancer
Clique sur le bouton "Restore MS Hosts File" puis ferme le programme

PS : Avant de cliquer sur le bouton "Restore MS Hosts File", vérifie que le cadenas en haut à gauche est ouvert sinon tu vas avoir un message d'erreur.


0
Bones
 
Voilà, c'est fait. Je suis prête pour les prochaines instructions.
0
Réponse 16 / 27
Utilisateur anonyme
 
Bonjour
Pourrai tu me refaire ZHPDiag pour que je vérifie si les fichiers host ont été
restauré

Je te met en garde contre les téléchargements avec des logiciels P2P
(Limewire, Emule, Utorrent, Bit Torrent) qui sont un vrai danger, car on
peut télécharger des cochonneries avec
Surtout, ne clique plus sur les bannières publicitaires, car, derrière, ils
proposent de télécharger des rogues
Ne télécharge jamais de cracks avec des logiciels P2P, car c'est source
d'infections
Fait très attention si on te propose des logiciels de sécurité dont tu ne
connais pas le nom
0
Bones
 
Voici le lien: http://www.cijoint.fr/cjlink.php?file=cj201008/cijEbcC5x4.txt
0
Réponse 17 / 27
Utilisateur anonyme
 
Cela fait plaisir de voir un rapport comme cela
Dit moi comment va le PC
Pendant ce temps là, j'analyse le rapport
0
Bones
 
Il va BEAUCOUP mieux.. Le faux antivirus a disparus et il n'y a plus de fenêtres pop-up qui nous avertissent de n'importe quoi.. Même mon clavie s'en porte mieux!! Quand les virus étaient actifs au maximum, je ne pouvais même plus faire d'accent circonflexe :P. De plus, j'ai de nouveau accès au gestionnaire des tâches et mes sites ne sont plus redirigés n'importe où.. Tu as toute ma reconnaissance et mon admiration.
0
Réponse 18 / 27
Utilisateur anonyme
 
On va nettoyer les restes
Tu n'es plus redirigé, car les fichiers hosts ont été restauré

Je réitère ce que je t'ai dit, fait très attention maintenant si tu veux garder
ton PC en bon état
Evite les sites de jeux, et autres sites coc****, car c'est bourré de
cochonneries

Copie les lignes suivantes en gras ci dessous, c'est à dire
que tu sélectionnes les lignes indiquées en gras avec ta souris, tu fait
clic droit dessus>copier

[HKCU\Software\3]
O69 - SBI: SearchScopes [HKCU] {87693257-7142-4837-B6A7-C32182BF7445} [DefaultScope] - (Google) - http://findgala.com
[HKCU\Software\Conduit]
[HKCU\Software\nwzwnzbkql]


* Lance ZHPFix, soit à partir d'un raccourci sur le bureau, soit à partir de
ZHPDiag (avec Vista/Seven, clic droit dessus, et sur exécuter en
tant qu'administrateur)
* Clique sur l'icône représentant la lettre H, cela collera les lignes que tu
as mis en mémoire
* Clique sur OK, sur Tous, puis sur Nettoyer
* Copie/colle la totalité du rapport dans ta prochaine réponse

Ensuite, met à jour Malwarebytes, et refait un scan complet



O.o°*??? Ex Nathandre aux 12938 messages depuis le 27.10.2008 °.Oø¤º°'°º¤ø
0
Bones
 
Rapport de ZHPFix v1.12.3134 par Nicolas Coolman, Update du 12/08/2010
Fichier d'export Registre : C:\ZHPExportRegistry-2010-08-14-09-52-14.txt
Run by Stephanie at 2010-08-14 09:52:14
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Clé(s) du Registre ==========
HKCU\Software\3 => Clé supprimée avec succès
HKCU\Software\Conduit => Clé supprimée avec succès
HKCU\Software\nwzwnzbkql => Clé supprimée avec succès

========== Elément(s) de donnée du Registre ==========
O69 - SBI: SearchScopes [HKCU] {87693257-7142-4837-B6A7-C32182BF7445} [DefaultScope] - (Google) - http://findgala.com => Donnée supprimée avec succès


========== Récapitulatif ==========
3 : Clé(s) du Registre
1 : Elément(s) de donnée du Registre


End of the scan
0
Réponse 19 / 27
Utilisateur anonyme
 
Tu peux faire Malwarebytes
0
Bones
 
Il est en train d'analyser.. En attendant, j'ai quelques petites questions. Quand mon ordis sera tout propre, est-ce que je dois installer un nouvel Antivirus ou c'est Malwarebytes qui fera le travail? Est-ce que je devrai installer de nouvelles protections?
0
Réponse 20 / 27
Utilisateur anonyme
 
Je t'en proposerai un après lorsqu'on aura fini le nettoyage
Malwarebytes version gratuite ne fonctionne pas en temps réel, il faudra
le conserver pour scanner une fois de temps en temps le PC, et il faudra le mettre
à jour avant chaque scan
Tant que tu n'as pas de protection, ne surfe pas n'importe où
0
Bones
 
Voici le rapport de Malwarebytes. Je dois aller quelque part pour l'instant, mais analyse le rapport et transmet-moi tes instructions ensuite, je regarderai tout ça quand je reviendrai. Merci infiniment.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4427

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-08-14 10:27:44
mbam-log-2010-08-14 (10-27-44).txt

Type d'examen: Examen complet (A:\|C:\|D:\|)
Elément(s) analysé(s): 175932
Temps écoulé: 32 minute(s), 36 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{70CA56FC-E8BD-4DB7-9E5B-B1CFF250DC02}\RP23\A0004049.exe (Trojan.Agent) -> Quarantined and deleted successfully.
0
Bones
 
Je suis revenue. Je suis désolée, je n'ai pas pensé à héberger le rapport.. Si tu préfères cette façon, voici le lien: http://www.cijoint.fr/cjlink.php?file=cj201008/cijzU6Nwup.txt ... Quand tu le voudras bien, transmet-moi les prochaines instructions. Merci.
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
message de postmaster incessant !
wasap -
wasap -

9 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses