Cryptowall
hatim10
Messages postés
16
Date d'inscription
Statut
Membre
Dernière intervention
-
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Bonsoir tout le monde,
J'ai un grave problème le virus Crytowall a attaque mon PC en mettant HELP_DECRYPT partout dans mes dossiers,et la dernière sauvegarde remonte à il y a deux ans, je n'arrive pas à ouvrir mes fichiers (Word, Excel, PDF, Images, Video....) SVP il y a quelqu'un qui peut m'aider??
J'ai un grave problème le virus Crytowall a attaque mon PC en mettant HELP_DECRYPT partout dans mes dossiers,et la dernière sauvegarde remonte à il y a deux ans, je n'arrive pas à ouvrir mes fichiers (Word, Excel, PDF, Images, Video....) SVP il y a quelqu'un qui peut m'aider??
9 réponses
Salut,
Tu as été infecté par un Ransomware chiffreurs de fichiers.
Ces derniers vont essentiellement par des pièces jointes malicieux dans des emails ou des Exploits WEB.
Il n'y a pas vraiment de solution pour récupérer les documents.
Il faudra vérifier qu'aucun malware ne soit actif puis changer tous tes mots de passe.
- Eventuellement faire un nettoyage Malwarebytes
Si tu veux vérifier l'ordinateur :
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
Envoie comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Tu as été infecté par un Ransomware chiffreurs de fichiers.
Ces derniers vont essentiellement par des pièces jointes malicieux dans des emails ou des Exploits WEB.
Il n'y a pas vraiment de solution pour récupérer les documents.
Il faudra vérifier qu'aucun malware ne soit actif puis changer tous tes mots de passe.
- Eventuellement faire un nettoyage Malwarebytes
Si tu veux vérifier l'ordinateur :
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
Startup: C:\Users\Hatim Benhammou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
Startup: C:\Users\USER03\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\Users\USER03\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\Users\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\Users\USER03\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\Users\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\Users\USER03\HELP_DECRYPT.URL
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\Users\HELP_DECRYPT.URL
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\HELP_DECRYPT.URL
2015-04-07 11:25 - 2015-04-07 11:25 - 00008572 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.HTML
2015-04-07 11:25 - 2015-04-07 11:25 - 00004226 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.TXT
2015-04-07 11:25 - 2015-04-07 11:25 - 00000276 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.URL
2015-04-07 11:17 - 2015-04-07 11:17 - 00019712 _____ () C:\Users\USER03\Downloads\BitDefender total security 2015+activator-TORRENT.rar
2015-04-07 10:30 - 2015-04-07 10:30 - 00884672 _____ () C:\Users\USER03\Downloads\Activator BitDefender total security 2015.rar
2015-04-07 10:28 - 2015-04-07 10:28 - 00008572 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.HTML
2015-04-07 10:28 - 2015-04-07 10:28 - 00004226 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.TXT
2015-04-07 10:28 - 2015-04-07 10:28 - 00000276 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.URL
2015-04-07 09:50 - 2015-04-07 09:50 - 00598112 _____ () C:\Users\USER03\Downloads\Bitdefender Antivirus Plus Wit Downloader.zip
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\Documents\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\Documents\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\Documents\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.URL
2015-04-06 16:57 - 2015-04-06 16:57 - 00008572 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.HTML
2015-04-06 16:57 - 2015-04-06 16:57 - 00004226 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.TXT
2015-04-06 16:57 - 2015-04-06 16:57 - 00000276 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.URL
2015-04-06 15:50 - 2015-04-06 15:50 - 00008572 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.HTML
2015-04-06 15:50 - 2015-04-06 15:50 - 00004226 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.TXT
2015-04-06 15:50 - 2015-04-06 15:50 - 00000276 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.URL
2015-04-06 15:34 - 2015-04-06 15:34 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.HTML
2015-04-06 15:34 - 2015-04-06 15:34 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.HTML
2015-04-06 15:34 - 2015-04-06 15:34 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.TXT
2015-04-06 15:34 - 2015-04-06 15:34 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.TXT
2015-04-06 15:34 - 2015-04-06 15:34 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.URL
2015-04-06 15:34 - 2015-04-06 15:34 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.URL
2015-04-06 15:12 - 2015-04-06 15:12 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.HTML
2015-04-06 15:12 - 2015-04-06 15:12 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.TXT
2015-04-06 15:12 - 2015-04-06 15:12 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.URL
2015-04-06 13:35 - 2015-04-06 13:35 - 00008572 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-04-06 13:35 - 2015-04-06 13:35 - 00004226 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-04-06 13:35 - 2015-04-06 13:35 - 00000276 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-04-10 12:36 - 2015-02-21 11:26 - 00002438 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002438 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002436 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002436 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00003466 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00003464 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00001344 _____ () C:\Windows\Tasks\NMYVUNJ.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00004486 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00004484 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00001344 _____ () C:\Windows\Tasks\AHTHXQM.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00005510 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00005508 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00001342 _____ () C:\Windows\Tasks\RNWPLZ.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00001340 _____ () C:\Windows\Tasks\IQKLG.job
2015-04-09 07:10 - 2015-01-25 16:12 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\NMYVUNJ
2015-04-09 07:09 - 2015-01-25 16:12 - 00000365 _____ () C:\Users\USER03\AppData\Roaming\RNWPLZ
2015-04-09 07:09 - 2014-09-01 08:18 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\ZCMI
2015-04-09 07:09 - 2014-09-01 08:18 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\XXUCRWI
2015-04-09 07:09 - 2014-09-01 08:18 - 00000365 _____ () C:\Users\USER03\AppData\Roaming\QGUDTAV
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\TornPlusTV_version1.11
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\6979ecd2-d558-405d-8f65-a7b30b7aebe8
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\30e2ede0-0e37-4215-bb79-1f9b4fb4b421
2015-04-08 06:32 - 2014-11-17 12:30 - 00000000 ____D () C:\ProgramData\cab4fbb2-1ac7-44d2-9b7d-0c921d8827f4
Task: {03A59802-CE7F-4400-AEB2-A118FEF4CB7A} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.exe <==== ATTENTION
Task: {0D818D7E-0F7E-4641-8621-1F9AFCBBDDBE} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: {140FB370-2A06-4BC4-8D51-C74D78FF270E} - \SPDriver No Task File <==== ATTENTION
Task: {1A915922-EC5C-4834-A0F8-15446CCBD737} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {1FADC4DE-8DC5-4C45-9972-9FF8717BAC68} - System32\Tasks\{9376A337-0BA1-4AFB-AE78-C2E6116FBB78} => msiexec.exe /package "C:\Users\Hatim Benhammou\Downloads\iTunesSetup (N)\iTunes.msi"
Task: {21F51787-CD1D-41BE-ABAE-78820567616F} - System32\Tasks\RNWPLZ => C:\Users\USER03\AppData\Roaming\RNWPLZ.exe <==== ATTENTION
Task: {22048EE8-1340-45FE-8004-788F054A7F80} - System32\Tasks\{E6C1836B-0AF0-42E8-90E5-51C997C3C78F} => pcalua.exe -a "C:\Users\Hatim Benhammou\Downloads\MSAC-US30_DriverInstaller.exe" -d "C:\Users\Hatim Benhammou\Downloads"
Task: {22C234CE-ECE3-470D-8960-A583354ED407} - System32\Tasks\YTAUpdate => C:\PROGRA~1\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {2DBDB6F9-6911-4804-8C3F-14AE3AE02F10} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.exe <==== ATTENTION
Task: {38335A49-0532-4595-AA98-6713DB511688} - System32\Tasks\{C340E4E6-A2C8-4A87-A157-FFDC9B8629F7} => C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b.exe [2015-04-07] ()
Task: {3B167875-384A-4726-A7F4-D8AA0FC03AE0} - System32\Tasks\{DD872E1B-6C05-4F47-8441-BEBDCCEBC039} => pcalua.exe -a "C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b\setuplauncher.exe" -d "C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b"
Task: {3D93BFB2-7594-446B-BB50-E39708E7BB6C} - System32\Tasks\YTAUpdate_logon => C:\PROGRA~1\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {3F730200-E771-4185-ADF9-D1B002769A61} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.exe <==== ATTENTION
Task: {40D9D03C-24CA-4B69-B397-BEF2B55825FE} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-7.exe <==== ATTENTION
Task: {4A105171-7552-4E5B-8914-8234757758E9} - System32\Tasks\{92536A0E-DC18-4D65-B802-B0F024745CFA} => pcalua.exe -a "C:\Program Files\Hewlett-Packard\HP Color LaserJet CP1210 Series\UnInstall.exe" -d "C:\Program Files\Hewlett-Packard\HP Color LaserJet CP1210 Series\"
Task: {4C4366F9-1C12-4BEC-8CCA-D31FEC88CD01} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.exe <==== ATTENTION
Task: {4D835E4E-7957-4140-96FA-F4B118DF1EE5} - \ShopperPro No Task File <==== ATTENTION
Task: {4F0D1B5C-1ADB-4C5C-B53B-7CE7187E68DB} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.exe <==== ATTENTION
Task: {631B1D9A-B571-48D7-B629-F453E2C71805} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-4.exe <==== ATTENTION
Task: {677DF04E-2238-45D3-89D5-00D764A2A04F} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: {9C699175-BA2E-4ED1-A53D-B49ACB6C7340} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A3967610-4F17-42C0-9162-585EA18F01F0} - System32\Tasks\NMYVUNJ => C:\Users\USER03\AppData\Roaming\NMYVUNJ.exe <==== ATTENTION
Task: {A9511FDA-9977-4B11-867C-A41BD3190785} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: {AA657B54-0069-4EA4-9978-9E72226D2745} - System32\Tasks\{014B1993-8909-4733-8367-C057130F5149} => C:\Users\USER03\Downloads\install_flashplayer13x32_mssd_aaa_aih(1).exe
Task: {B40DDA3A-6D56-4397-B7B2-A5970451CE87} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-6.exe <==== ATTENTION
Task: {B553F538-DBD9-4F72-8EED-DB230CBB8299} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.exe <==== ATTENTION
Task: {B5A22707-9CE5-4F93-AAA8-78C5ACD227BE} - System32\Tasks\{E46ADD48-A21C-4E7D-BC5F-ED9F61AF506B} => pcalua.exe -a C:\Users\USER03\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {B7F39D2A-03C3-4AAB-8EE4-80B9D2F8A838} - System32\Tasks\AHTHXQM => C:\Users\USER03\AppData\Roaming\AHTHXQM.exe <==== ATTENTION
Task: {C0010D1C-1143-44AB-B464-F51E6B584300} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {C5C582E4-D51E-4BDF-859E-0FC4D6F1958A} - System32\Tasks\{2EC2A33E-348D-432B-86B3-83CBB0352618} => pcalua.exe -a "C:\Users\Hatim Benhammou\Desktop\Pilotes\Intel_Chipset-Software-Insta_A04_R304291_setup_ZPE.exe" -d "C:\Users\Hatim Benhammou\Desktop\Pilotes"
Task: {C6815C51-EF1A-42C2-8AC6-ECC2DE959B2F} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.exe <==== ATTENTION
Task: {CDC03D56-BB90-47E7-8EB3-C89BF332FCD8} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-10.exe <==== ATTENTION
Task: {CFF2C1BB-4A6A-4B63-92FD-BD8D43CCDAE0} - System32\Tasks\Security Center Update - 3172106264 => C:\Users\USER03\AppData\Roaming\Rosuuv\uwbihic.exe <==== ATTENTION
Task: {D389FECB-BD8C-4EF9-B62B-C57EB81825EE} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: {F615BE0E-4061-477C-A31B-828145B263B0} - System32\Tasks\IQKLG => C:\Users\USER03\AppData\Roaming\IQKLG.exe <==== ATTENTION
Task: {FEE881B8-42D7-4507-8038-03C914E61789} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AHTHXQM.job => C:\Users\USER03\AppData\Roaming\AHTHXQM.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\IQKLG.job => C:\Users\USER03\AppData\Roaming\IQKLG.exe <==== ATTENTION
Task: C:\Windows\Tasks\NMYVUNJ.job => C:\Users\USER03\AppData\Roaming\NMYVUNJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\RNWPLZ.job => C:\Users\USER03\AppData\Roaming\RNWPLZ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3172106264.job => C:\Users\USER03\AppData\Roaming\Rosuuv\uwbihic.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
Startup: C:\Users\Hatim Benhammou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
Startup: C:\Users\USER03\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\Users\USER03\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\Users\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\Users\USER03\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\Users\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\Users\USER03\HELP_DECRYPT.URL
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\Users\HELP_DECRYPT.URL
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\HELP_DECRYPT.URL
2015-04-07 11:25 - 2015-04-07 11:25 - 00008572 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.HTML
2015-04-07 11:25 - 2015-04-07 11:25 - 00004226 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.TXT
2015-04-07 11:25 - 2015-04-07 11:25 - 00000276 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.URL
2015-04-07 11:17 - 2015-04-07 11:17 - 00019712 _____ () C:\Users\USER03\Downloads\BitDefender total security 2015+activator-TORRENT.rar
2015-04-07 10:30 - 2015-04-07 10:30 - 00884672 _____ () C:\Users\USER03\Downloads\Activator BitDefender total security 2015.rar
2015-04-07 10:28 - 2015-04-07 10:28 - 00008572 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.HTML
2015-04-07 10:28 - 2015-04-07 10:28 - 00004226 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.TXT
2015-04-07 10:28 - 2015-04-07 10:28 - 00000276 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.URL
2015-04-07 09:50 - 2015-04-07 09:50 - 00598112 _____ () C:\Users\USER03\Downloads\Bitdefender Antivirus Plus Wit Downloader.zip
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\Documents\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\Documents\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\Documents\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.URL
2015-04-06 16:57 - 2015-04-06 16:57 - 00008572 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.HTML
2015-04-06 16:57 - 2015-04-06 16:57 - 00004226 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.TXT
2015-04-06 16:57 - 2015-04-06 16:57 - 00000276 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.URL
2015-04-06 15:50 - 2015-04-06 15:50 - 00008572 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.HTML
2015-04-06 15:50 - 2015-04-06 15:50 - 00004226 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.TXT
2015-04-06 15:50 - 2015-04-06 15:50 - 00000276 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.URL
2015-04-06 15:34 - 2015-04-06 15:34 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.HTML
2015-04-06 15:34 - 2015-04-06 15:34 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.HTML
2015-04-06 15:34 - 2015-04-06 15:34 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.TXT
2015-04-06 15:34 - 2015-04-06 15:34 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.TXT
2015-04-06 15:34 - 2015-04-06 15:34 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.URL
2015-04-06 15:34 - 2015-04-06 15:34 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.URL
2015-04-06 15:12 - 2015-04-06 15:12 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.HTML
2015-04-06 15:12 - 2015-04-06 15:12 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.TXT
2015-04-06 15:12 - 2015-04-06 15:12 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.URL
2015-04-06 13:35 - 2015-04-06 13:35 - 00008572 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-04-06 13:35 - 2015-04-06 13:35 - 00004226 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-04-06 13:35 - 2015-04-06 13:35 - 00000276 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-04-10 12:36 - 2015-02-21 11:26 - 00002438 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002438 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002436 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002436 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00003466 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00003464 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00001344 _____ () C:\Windows\Tasks\NMYVUNJ.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00004486 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00004484 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00001344 _____ () C:\Windows\Tasks\AHTHXQM.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00005510 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00005508 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00001342 _____ () C:\Windows\Tasks\RNWPLZ.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00001340 _____ () C:\Windows\Tasks\IQKLG.job
2015-04-09 07:10 - 2015-01-25 16:12 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\NMYVUNJ
2015-04-09 07:09 - 2015-01-25 16:12 - 00000365 _____ () C:\Users\USER03\AppData\Roaming\RNWPLZ
2015-04-09 07:09 - 2014-09-01 08:18 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\ZCMI
2015-04-09 07:09 - 2014-09-01 08:18 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\XXUCRWI
2015-04-09 07:09 - 2014-09-01 08:18 - 00000365 _____ () C:\Users\USER03\AppData\Roaming\QGUDTAV
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\TornPlusTV_version1.11
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\6979ecd2-d558-405d-8f65-a7b30b7aebe8
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\30e2ede0-0e37-4215-bb79-1f9b4fb4b421
2015-04-08 06:32 - 2014-11-17 12:30 - 00000000 ____D () C:\ProgramData\cab4fbb2-1ac7-44d2-9b7d-0c921d8827f4
Task: {03A59802-CE7F-4400-AEB2-A118FEF4CB7A} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.exe <==== ATTENTION
Task: {0D818D7E-0F7E-4641-8621-1F9AFCBBDDBE} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: {140FB370-2A06-4BC4-8D51-C74D78FF270E} - \SPDriver No Task File <==== ATTENTION
Task: {1A915922-EC5C-4834-A0F8-15446CCBD737} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {1FADC4DE-8DC5-4C45-9972-9FF8717BAC68} - System32\Tasks\{9376A337-0BA1-4AFB-AE78-C2E6116FBB78} => msiexec.exe /package "C:\Users\Hatim Benhammou\Downloads\iTunesSetup (N)\iTunes.msi"
Task: {21F51787-CD1D-41BE-ABAE-78820567616F} - System32\Tasks\RNWPLZ => C:\Users\USER03\AppData\Roaming\RNWPLZ.exe <==== ATTENTION
Task: {22048EE8-1340-45FE-8004-788F054A7F80} - System32\Tasks\{E6C1836B-0AF0-42E8-90E5-51C997C3C78F} => pcalua.exe -a "C:\Users\Hatim Benhammou\Downloads\MSAC-US30_DriverInstaller.exe" -d "C:\Users\Hatim Benhammou\Downloads"
Task: {22C234CE-ECE3-470D-8960-A583354ED407} - System32\Tasks\YTAUpdate => C:\PROGRA~1\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {2DBDB6F9-6911-4804-8C3F-14AE3AE02F10} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.exe <==== ATTENTION
Task: {38335A49-0532-4595-AA98-6713DB511688} - System32\Tasks\{C340E4E6-A2C8-4A87-A157-FFDC9B8629F7} => C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b.exe [2015-04-07] ()
Task: {3B167875-384A-4726-A7F4-D8AA0FC03AE0} - System32\Tasks\{DD872E1B-6C05-4F47-8441-BEBDCCEBC039} => pcalua.exe -a "C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b\setuplauncher.exe" -d "C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b"
Task: {3D93BFB2-7594-446B-BB50-E39708E7BB6C} - System32\Tasks\YTAUpdate_logon => C:\PROGRA~1\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {3F730200-E771-4185-ADF9-D1B002769A61} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.exe <==== ATTENTION
Task: {40D9D03C-24CA-4B69-B397-BEF2B55825FE} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-7.exe <==== ATTENTION
Task: {4A105171-7552-4E5B-8914-8234757758E9} - System32\Tasks\{92536A0E-DC18-4D65-B802-B0F024745CFA} => pcalua.exe -a "C:\Program Files\Hewlett-Packard\HP Color LaserJet CP1210 Series\UnInstall.exe" -d "C:\Program Files\Hewlett-Packard\HP Color LaserJet CP1210 Series\"
Task: {4C4366F9-1C12-4BEC-8CCA-D31FEC88CD01} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.exe <==== ATTENTION
Task: {4D835E4E-7957-4140-96FA-F4B118DF1EE5} - \ShopperPro No Task File <==== ATTENTION
Task: {4F0D1B5C-1ADB-4C5C-B53B-7CE7187E68DB} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.exe <==== ATTENTION
Task: {631B1D9A-B571-48D7-B629-F453E2C71805} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-4.exe <==== ATTENTION
Task: {677DF04E-2238-45D3-89D5-00D764A2A04F} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: {9C699175-BA2E-4ED1-A53D-B49ACB6C7340} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A3967610-4F17-42C0-9162-585EA18F01F0} - System32\Tasks\NMYVUNJ => C:\Users\USER03\AppData\Roaming\NMYVUNJ.exe <==== ATTENTION
Task: {A9511FDA-9977-4B11-867C-A41BD3190785} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: {AA657B54-0069-4EA4-9978-9E72226D2745} - System32\Tasks\{014B1993-8909-4733-8367-C057130F5149} => C:\Users\USER03\Downloads\install_flashplayer13x32_mssd_aaa_aih(1).exe
Task: {B40DDA3A-6D56-4397-B7B2-A5970451CE87} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-6.exe <==== ATTENTION
Task: {B553F538-DBD9-4F72-8EED-DB230CBB8299} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.exe <==== ATTENTION
Task: {B5A22707-9CE5-4F93-AAA8-78C5ACD227BE} - System32\Tasks\{E46ADD48-A21C-4E7D-BC5F-ED9F61AF506B} => pcalua.exe -a C:\Users\USER03\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {B7F39D2A-03C3-4AAB-8EE4-80B9D2F8A838} - System32\Tasks\AHTHXQM => C:\Users\USER03\AppData\Roaming\AHTHXQM.exe <==== ATTENTION
Task: {C0010D1C-1143-44AB-B464-F51E6B584300} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {C5C582E4-D51E-4BDF-859E-0FC4D6F1958A} - System32\Tasks\{2EC2A33E-348D-432B-86B3-83CBB0352618} => pcalua.exe -a "C:\Users\Hatim Benhammou\Desktop\Pilotes\Intel_Chipset-Software-Insta_A04_R304291_setup_ZPE.exe" -d "C:\Users\Hatim Benhammou\Desktop\Pilotes"
Task: {C6815C51-EF1A-42C2-8AC6-ECC2DE959B2F} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.exe <==== ATTENTION
Task: {CDC03D56-BB90-47E7-8EB3-C89BF332FCD8} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-10.exe <==== ATTENTION
Task: {CFF2C1BB-4A6A-4B63-92FD-BD8D43CCDAE0} - System32\Tasks\Security Center Update - 3172106264 => C:\Users\USER03\AppData\Roaming\Rosuuv\uwbihic.exe <==== ATTENTION
Task: {D389FECB-BD8C-4EF9-B62B-C57EB81825EE} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: {F615BE0E-4061-477C-A31B-828145B263B0} - System32\Tasks\IQKLG => C:\Users\USER03\AppData\Roaming\IQKLG.exe <==== ATTENTION
Task: {FEE881B8-42D7-4507-8038-03C914E61789} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AHTHXQM.job => C:\Users\USER03\AppData\Roaming\AHTHXQM.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\IQKLG.job => C:\Users\USER03\AppData\Roaming\IQKLG.exe <==== ATTENTION
Task: C:\Windows\Tasks\NMYVUNJ.job => C:\Users\USER03\AppData\Roaming\NMYVUNJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\RNWPLZ.job => C:\Users\USER03\AppData\Roaming\RNWPLZ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3172106264.job => C:\Users\USER03\AppData\Roaming\Rosuuv\uwbihic.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by USER03 at 2015-04-10 19:49:16 Run:1
Running from C:\Users\USER03\Desktop
Loaded Profiles: USER03 (Available profiles: Hatim Benhammou & USER03)
Boot Mode: Normal
==============================================
Content of fixlist:
Startup: C:\Users\Hatim Benhammou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
Startup: C:\Users\USER03\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\Users\USER03\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\Users\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\Users\USER03\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\Users\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\Users\USER03\HELP_DECRYPT.URL
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\Users\HELP_DECRYPT.URL
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\HELP_DECRYPT.URL
2015-04-07 11:25 - 2015-04-07 11:25 - 00008572 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.HTML
2015-04-07 11:25 - 2015-04-07 11:25 - 00004226 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.TXT
2015-04-07 11:25 - 2015-04-07 11:25 - 00000276 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.URL
2015-04-07 11:17 - 2015-04-07 11:17 - 00019712 _____ () C:\Users\USER03\Downloads\BitDefender total security 2015+activator-TORRENT.rar
2015-04-07 10:30 - 2015-04-07 10:30 - 00884672 _____ () C:\Users\USER03\Downloads\Activator BitDefender total security 2015.rar
2015-04-07 10:28 - 2015-04-07 10:28 - 00008572 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.HTML
2015-04-07 10:28 - 2015-04-07 10:28 - 00004226 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.TXT
2015-04-07 10:28 - 2015-04-07 10:28 - 00000276 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.URL
2015-04-07 09:50 - 2015-04-07 09:50 - 00598112 _____ () C:\Users\USER03\Downloads\Bitdefender Antivirus Plus Wit Downloader.zip
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\Documents\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\Documents\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\Documents\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.URL
2015-04-06 16:57 - 2015-04-06 16:57 - 00008572 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.HTML
2015-04-06 16:57 - 2015-04-06 16:57 - 00004226 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.TXT
2015-04-06 16:57 - 2015-04-06 16:57 - 00000276 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.URL
2015-04-06 15:50 - 2015-04-06 15:50 - 00008572 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.HTML
2015-04-06 15:50 - 2015-04-06 15:50 - 00004226 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.TXT
2015-04-06 15:50 - 2015-04-06 15:50 - 00000276 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.URL
2015-04-06 15:34 - 2015-04-06 15:34 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.HTML
2015-04-06 15:34 - 2015-04-06 15:34 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.HTML
2015-04-06 15:34 - 2015-04-06 15:34 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.TXT
2015-04-06 15:34 - 2015-04-06 15:34 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.TXT
2015-04-06 15:34 - 2015-04-06 15:34 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.URL
2015-04-06 15:34 - 2015-04-06 15:34 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.URL
2015-04-06 15:12 - 2015-04-06 15:12 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.HTML
2015-04-06 15:12 - 2015-04-06 15:12 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.TXT
2015-04-06 15:12 - 2015-04-06 15:12 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.URL
2015-04-06 13:35 - 2015-04-06 13:35 - 00008572 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-04-06 13:35 - 2015-04-06 13:35 - 00004226 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-04-06 13:35 - 2015-04-06 13:35 - 00000276 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-04-10 12:36 - 2015-02-21 11:26 - 00002438 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002438 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002436 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002436 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00003466 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00003464 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00001344 _____ () C:\Windows\Tasks\NMYVUNJ.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00004486 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00004484 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00001344 _____ () C:\Windows\Tasks\AHTHXQM.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00005510 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00005508 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00001342 _____ () C:\Windows\Tasks\RNWPLZ.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00001340 _____ () C:\Windows\Tasks\IQKLG.job
2015-04-09 07:10 - 2015-01-25 16:12 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\NMYVUNJ
2015-04-09 07:09 - 2015-01-25 16:12 - 00000365 _____ () C:\Users\USER03\AppData\Roaming\RNWPLZ
2015-04-09 07:09 - 2014-09-01 08:18 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\ZCMI
2015-04-09 07:09 - 2014-09-01 08:18 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\XXUCRWI
2015-04-09 07:09 - 2014-09-01 08:18 - 00000365 _____ () C:\Users\USER03\AppData\Roaming\QGUDTAV
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\TornPlusTV_version1.11
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\6979ecd2-d558-405d-8f65-a7b30b7aebe8
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\30e2ede0-0e37-4215-bb79-1f9b4fb4b421
2015-04-08 06:32 - 2014-11-17 12:30 - 00000000 ____D () C:\ProgramData\cab4fbb2-1ac7-44d2-9b7d-0c921d8827f4
Task: {03A59802-CE7F-4400-AEB2-A118FEF4CB7A} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.exe <==== ATTENTION
Task: {0D818D7E-0F7E-4641-8621-1F9AFCBBDDBE} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: {140FB370-2A06-4BC4-8D51-C74D78FF270E} - \SPDriver No Task File <==== ATTENTION
Task: {1A915922-EC5C-4834-A0F8-15446CCBD737} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {1FADC4DE-8DC5-4C45-9972-9FF8717BAC68} - System32\Tasks\{9376A337-0BA1-4AFB-AE78-C2E6116FBB78} => msiexec.exe /package "C:\Users\Hatim Benhammou\Downloads\iTunesSetup (N)\iTunes.msi"
Task: {21F51787-CD1D-41BE-ABAE-78820567616F} - System32\Tasks\RNWPLZ => C:\Users\USER03\AppData\Roaming\RNWPLZ.exe <==== ATTENTION
Task: {22048EE8-1340-45FE-8004-788F054A7F80} - System32\Tasks\{E6C1836B-0AF0-42E8-90E5-51C997C3C78F} => pcalua.exe -a "C:\Users\Hatim Benhammou\Downloads\MSAC-US30_DriverInstaller.exe" -d "C:\Users\Hatim Benhammou\Downloads"
Task: {22C234CE-ECE3-470D-8960-A583354ED407} - System32\Tasks\YTAUpdate => C:\PROGRA~1\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {2DBDB6F9-6911-4804-8C3F-14AE3AE02F10} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.exe <==== ATTENTION
Task: {38335A49-0532-4595-AA98-6713DB511688} - System32\Tasks\{C340E4E6-A2C8-4A87-A157-FFDC9B8629F7} => C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b.exe [2015-04-07] ()
Task: {3B167875-384A-4726-A7F4-D8AA0FC03AE0} - System32\Tasks\{DD872E1B-6C05-4F47-8441-BEBDCCEBC039} => pcalua.exe -a "C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b\setuplauncher.exe" -d "C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b"
Task: {3D93BFB2-7594-446B-BB50-E39708E7BB6C} - System32\Tasks\YTAUpdate_logon => C:\PROGRA~1\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {3F730200-E771-4185-ADF9-D1B002769A61} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.exe <==== ATTENTION
Task: {40D9D03C-24CA-4B69-B397-BEF2B55825FE} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-7.exe <==== ATTENTION
Task: {4A105171-7552-4E5B-8914-8234757758E9} - System32\Tasks\{92536A0E-DC18-4D65-B802-B0F024745CFA} => pcalua.exe -a "C:\Program Files\Hewlett-Packard\HP Color LaserJet CP1210 Series\UnInstall.exe" -d "C:\Program Files\Hewlett-Packard\HP Color LaserJet CP1210 Series\"
Task: {4C4366F9-1C12-4BEC-8CCA-D31FEC88CD01} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.exe <==== ATTENTION
Task: {4D835E4E-7957-4140-96FA-F4B118DF1EE5} - \ShopperPro No Task File <==== ATTENTION
Task: {4F0D1B5C-1ADB-4C5C-B53B-7CE7187E68DB} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.exe <==== ATTENTION
Task: {631B1D9A-B571-48D7-B629-F453E2C71805} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-4.exe <==== ATTENTION
Task: {677DF04E-2238-45D3-89D5-00D764A2A04F} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: {9C699175-BA2E-4ED1-A53D-B49ACB6C7340} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A3967610-4F17-42C0-9162-585EA18F01F0} - System32\Tasks\NMYVUNJ => C:\Users\USER03\AppData\Roaming\NMYVUNJ.exe <==== ATTENTION
Task: {A9511FDA-9977-4B11-867C-A41BD3190785} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: {AA657B54-0069-4EA4-9978-9E72226D2745} - System32\Tasks\{014B1993-8909-4733-8367-C057130F5149} => C:\Users\USER03\Downloads\install_flashplayer13x32_mssd_aaa_aih(1).exe
Task: {B40DDA3A-6D56-4397-B7B2-A5970451CE87} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-6.exe <==== ATTENTION
Task: {B553F538-DBD9-4F72-8EED-DB230CBB8299} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.exe <==== ATTENTION
Task: {B5A22707-9CE5-4F93-AAA8-78C5ACD227BE} - System32\Tasks\{E46ADD48-A21C-4E7D-BC5F-ED9F61AF506B} => pcalua.exe -a C:\Users\USER03\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {B7F39D2A-03C3-4AAB-8EE4-80B9D2F8A838} - System32\Tasks\AHTHXQM => C:\Users\USER03\AppData\Roaming\AHTHXQM.exe <==== ATTENTION
Task: {C0010D1C-1143-44AB-B464-F51E6B584300} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {C5C582E4-D51E-4BDF-859E-0FC4D6F1958A} - System32\Tasks\{2EC2A33E-348D-432B-86B3-83CBB0352618} => pcalua.exe -a "C:\Users\Hatim Benhammou\Desktop\Pilotes\Intel_Chipset-Software-Insta_A04_R304291_setup_ZPE.exe" -d "C:\Users\Hatim Benhammou\Desktop\Pilotes"
Task: {C6815C51-EF1A-42C2-8AC6-ECC2DE959B2F} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.exe <==== ATTENTION
Task: {CDC03D56-BB90-47E7-8EB3-C89BF332FCD8} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-10.exe <==== ATTENTION
Task: {CFF2C1BB-4A6A-4B63-92FD-BD8D43CCDAE0} - System32\Tasks\Security Center Update - 3172106264 => C:\Users\USER03\AppData\Roaming\Rosuuv\uwbihic.exe <==== ATTENTION
Task: {D389FECB-BD8C-4EF9-B62B-C57EB81825EE} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: {F615BE0E-4061-477C-A31B-828145B263B0} - System32\Tasks\IQKLG => C:\Users\USER03\AppData\Roaming\IQKLG.exe <==== ATTENTION
Task: {FEE881B8-42D7-4507-8038-03C914E61789} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AHTHXQM.job => C:\Users\USER03\AppData\Roaming\AHTHXQM.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\IQKLG.job => C:\Users\USER03\AppData\Roaming\IQKLG.exe <==== ATTENTION
Task: C:\Windows\Tasks\NMYVUNJ.job => C:\Users\USER03\AppData\Roaming\NMYVUNJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\RNWPLZ.job => C:\Users\USER03\AppData\Roaming\RNWPLZ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3172106264.job => C:\Users\USER03\AppData\Roaming\Rosuuv\uwbihic.exe <==== ATTENTION
C:\Users\Hatim Benhammou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk => Moved successfully.
C:\Users\USER03\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk => Moved successfully.
C:\Users\USER03\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\HELP_DECRYPT.HTML => Moved successfully.
C:\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\USER03\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\HELP_DECRYPT.TXT => Moved successfully.
C:\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\USER03\HELP_DECRYPT.URL => Moved successfully.
C:\Users\HELP_DECRYPT.URL => Moved successfully.
C:\HELP_DECRYPT.URL => Moved successfully.
C:\Users\USER03\Downloads\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\USER03\Downloads\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\USER03\Downloads\HELP_DECRYPT.URL => Moved successfully.
C:\Users\USER03\Downloads\BitDefender total security 2015+activator-TORRENT.rar => Moved successfully.
C:\Users\USER03\Downloads\Activator BitDefender total security 2015.rar => Moved successfully.
C:\Users\USER03\Documents\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\USER03\Documents\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\USER03\Documents\HELP_DECRYPT.URL => Moved successfully.
C:\Users\USER03\Downloads\Bitdefender Antivirus Plus Wit Downloader.zip => Moved successfully.
C:\Users\Public\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Public\Downloads\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Public\Documents\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Public\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Public\Downloads\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Public\Documents\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Public\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Public\Downloads\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Public\Documents\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.URL => Moved successfully.
C:\ProgramData\HELP_DECRYPT.HTML => Moved successfully.
C:\ProgramData\HELP_DECRYPT.TXT => Moved successfully.
C:\ProgramData\HELP_DECRYPT.URL => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job => Moved successfully.
C:\Windows\Tasks\NMYVUNJ.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job => Moved successfully.
C:\Windows\Tasks\AHTHXQM.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job => Moved successfully.
C:\Windows\Tasks\RNWPLZ.job => Moved successfully.
C:\Windows\Tasks\IQKLG.job => Moved successfully.
C:\Users\USER03\AppData\Roaming\NMYVUNJ => Moved successfully.
C:\Users\USER03\AppData\Roaming\RNWPLZ => Moved successfully.
C:\Users\USER03\AppData\Roaming\ZCMI => Moved successfully.
C:\Users\USER03\AppData\Roaming\XXUCRWI => Moved successfully.
C:\Users\USER03\AppData\Roaming\QGUDTAV => Moved successfully.
C:\Program Files\TornPlusTV_version1.11 => Moved successfully.
C:\Program Files\6979ecd2-d558-405d-8f65-a7b30b7aebe8 => Moved successfully.
C:\Program Files\30e2ede0-0e37-4215-bb79-1f9b4fb4b421 => Moved successfully.
C:\ProgramData\cab4fbb2-1ac7-44d2-9b7d-0c921d8827f4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03A59802-CE7F-4400-AEB2-A118FEF4CB7A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03A59802-CE7F-4400-AEB2-A118FEF4CB7A}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D818D7E-0F7E-4641-8621-1F9AFCBBDDBE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D818D7E-0F7E-4641-8621-1F9AFCBBDDBE}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{140FB370-2A06-4BC4-8D51-C74D78FF270E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{140FB370-2A06-4BC4-8D51-C74D78FF270E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A915922-EC5C-4834-A0F8-15446CCBD737}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A915922-EC5C-4834-A0F8-15446CCBD737}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FADC4DE-8DC5-4C45-9972-9FF8717BAC68}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FADC4DE-8DC5-4C45-9972-9FF8717BAC68}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9376A337-0BA1-4AFB-AE78-C2E6116FBB78} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9376A337-0BA1-4AFB-AE78-C2E6116FBB78}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21F51787-CD1D-41BE-ABAE-78820567616F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21F51787-CD1D-41BE-ABAE-78820567616F}" => Key deleted successfully.
C:\Windows\System32\Tasks\RNWPLZ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RNWPLZ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22048EE8-1340-45FE-8004-788F054A7F80}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22048EE8-1340-45FE-8004-788F054A7F80}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E6C1836B-0AF0-42E8-90E5-51C997C3C78F} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E6C1836B-0AF0-42E8-90E5-51C997C3C78F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22C234CE-ECE3-470D-8960-A583354ED407}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22C234CE-ECE3-470D-8960-A583354ED407}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTAUpdate => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2DBDB6F9-6911-4804-8C3F-14AE3AE02F10}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DBDB6F9-6911-4804-8C3F-14AE3AE02F10}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38335A49-0532-4595-AA98-6713DB511688}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38335A49-0532-4595-AA98-6713DB511688}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C340E4E6-A2C8-4A87-A157-FFDC9B8629F7} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C340E4E6-A2C8-4A87-A157-FFDC9B8629F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B167875-384A-4726-A7F4-D8AA0FC03AE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B167875-384A-4726-A7F4-D8AA0FC03AE0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{DD872E1B-6C05-4F47-8441-BEBDCCEBC039} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DD872E1B-6C05-4F47-8441-BEBDCCEBC039}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3D93BFB2-7594-446B-BB50-E39708E7BB6C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D93BFB2-7594-446B-BB50-E39708E7BB6C}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTAUpdate_logon => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate_logon" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3F730200-E771-4185-ADF9-D1B002769A61}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F730200-E771-4185-ADF9-D1B002769A61}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40D9D03C-24CA-4B69-B397-BEF2B55825FE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D9D03C-24CA-4B69-B397-BEF2B55825FE}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A105171-7552-4E5B-8914-8234757758E9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A105171-7552-4E5B-8914-8234757758E9}" => Key deleted successfully.
C:\Windows\System32\Tasks\{92536A0E-DC18-4D65-B802-B0F024745CFA} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{92536A0E-DC18-4D65-B802-B0F024745CFA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C4366F9-1C12-4BEC-8CCA-D31FEC88CD01}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C4366F9-1C12-4BEC-8CCA-D31FEC88CD01}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D835E4E-7957-4140-96FA-F4B118DF1EE5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D835E4E-7957-4140-96FA-F4B118DF1EE5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4F0D1B5C-1ADB-4C5C-B53B-7CE7187E68DB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F0D1B5C-1ADB-4C5C-B53B-7CE7187E68DB}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{631B1D9A-B571-48D7-B629-F453E2C71805}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{631B1D9A-B571-48D7-B629-F453E2C71805}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{677DF04E-2238-45D3-89D5-00D764A2A04F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{677DF04E-2238-45D3-89D5-00D764A2A04F}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C699175-BA2E-4ED1-A53D-B49ACB6C7340}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C699175-BA2E-4ED1-A53D-B49ACB6C7340}" => Key deleted successfully.
C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A3967610-4F17-42C0-9162-585EA18F01F0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3967610-4F17-42C0-9162-585EA18F01F0}" => Key deleted successfully.
C:\Windows\System32\Tasks\NMYVUNJ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NMYVUNJ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A9511FDA-9977-4B11-867C-A41BD3190785}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9511FDA-9977-4B11-867C-A41BD3190785}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA657B54-0069-4EA4-9978-9E72226D2745}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA657B54-0069-4EA4-9978-9E72226D2745}" => Key deleted successfully.
C:\Windows\System32\Tasks\{014B1993-8909-4733-8367-C057130F5149} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{014B1993-8909-4733-8367-C057130F5149}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B40DDA3A-6D56-4397-B7B2-A5970451CE87}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B40DDA3A-6D56-4397-B7B2-A5970451CE87}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B553F538-DBD9-4F72-8EED-DB230CBB8299}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B553F538-DBD9-4F72-8EED-DB230CBB8299}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5A22707-9CE5-4F93-AAA8-78C5ACD227BE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5A22707-9CE5-4F93-AAA8-78C5ACD227BE}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E46ADD48-A21C-4E7D-BC5F-ED9F61AF506B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E46ADD48-A21C-4E7D-BC5F-ED9F61AF506B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7F39D2A-03C3-4AAB-8EE4-80B9D2F8A838}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7F39D2A-03C3-4AAB-8EE4-80B9D2F8A838}" => Key deleted successfully.
C:\Windows\System32\Tasks\AHTHXQM => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AHTHXQM" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0010D1C-1143-44AB-B464-F51E6B584300}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0010D1C-1143-44AB-B464-F51E6B584300}" => Key deleted successfully.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5C582E4-D51E-4BDF-859E-0FC4D6F1958A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5C582E4-D51E-4BDF-859E-0FC4D6F1958A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2EC2A33E-348D-432B-86B3-83CBB0352618} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2EC2A33E-348D-432B-86B3-83CBB0352618}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C6815C51-EF1A-42C2-8AC6-ECC2DE959B2F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6815C51-EF1A-42C2-8AC6-ECC2DE959B2F}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CDC03D56-BB90-47E7-8EB3-C89BF332FCD8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDC03D56-BB90-47E7-8EB3-C89BF332FCD8}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFF2C1BB-4A6A-4B63-92FD-BD8D43CCDAE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFF2C1BB-4A6A-4B63-92FD-BD8D43CCDAE0}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3172106264 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3172106264" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D389FECB-BD8C-4EF9-B62B-C57EB81825EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D389FECB-BD8C-4EF9-B62B-C57EB81825EE}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F615BE0E-4061-477C-A31B-828145B263B0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F615BE0E-4061-477C-A31B-828145B263B0}" => Key deleted successfully.
C:\Windows\System32\Tasks\IQKLG => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IQKLG" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FEE881B8-42D7-4507-8038-03C914E61789}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEE881B8-42D7-4507-8038-03C914E61789}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user" => Key deleted successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job not found.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job not found.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job not found.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job not found.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job not found.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job not found.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job not found.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job not found.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job not found.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\AHTHXQM.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\IQKLG.job not found.
C:\Windows\Tasks\NMYVUNJ.job not found.
C:\Windows\Tasks\RNWPLZ.job not found.
C:\Windows\Tasks\Security Center Update - 3172106264.job => Moved successfully.
Ran by USER03 at 2015-04-10 19:49:16 Run:1
Running from C:\Users\USER03\Desktop
Loaded Profiles: USER03 (Available profiles: Hatim Benhammou & USER03)
Boot Mode: Normal
==============================================
Content of fixlist:
Startup: C:\Users\Hatim Benhammou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
Startup: C:\Users\USER03\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\Users\USER03\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\Users\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00008572 _____ () C:\HELP_DECRYPT.HTML
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\Users\USER03\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\Users\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00004226 _____ () C:\HELP_DECRYPT.TXT
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\Users\USER03\HELP_DECRYPT.URL
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\Users\HELP_DECRYPT.URL
2015-04-07 12:04 - 2015-04-07 12:04 - 00000276 _____ () C:\HELP_DECRYPT.URL
2015-04-07 11:25 - 2015-04-07 11:25 - 00008572 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.HTML
2015-04-07 11:25 - 2015-04-07 11:25 - 00004226 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.TXT
2015-04-07 11:25 - 2015-04-07 11:25 - 00000276 _____ () C:\Users\USER03\Downloads\HELP_DECRYPT.URL
2015-04-07 11:17 - 2015-04-07 11:17 - 00019712 _____ () C:\Users\USER03\Downloads\BitDefender total security 2015+activator-TORRENT.rar
2015-04-07 10:30 - 2015-04-07 10:30 - 00884672 _____ () C:\Users\USER03\Downloads\Activator BitDefender total security 2015.rar
2015-04-07 10:28 - 2015-04-07 10:28 - 00008572 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.HTML
2015-04-07 10:28 - 2015-04-07 10:28 - 00004226 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.TXT
2015-04-07 10:28 - 2015-04-07 10:28 - 00000276 _____ () C:\Users\USER03\Documents\HELP_DECRYPT.URL
2015-04-07 09:50 - 2015-04-07 09:50 - 00598112 _____ () C:\Users\USER03\Downloads\Bitdefender Antivirus Plus Wit Downloader.zip
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Public\Documents\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00008572 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.HTML
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Public\Documents\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00004226 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.TXT
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\Downloads\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Public\Documents\HELP_DECRYPT.URL
2015-04-06 16:58 - 2015-04-06 16:58 - 00000276 _____ () C:\Users\Hatim Benhammou\HELP_DECRYPT.URL
2015-04-06 16:57 - 2015-04-06 16:57 - 00008572 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.HTML
2015-04-06 16:57 - 2015-04-06 16:57 - 00004226 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.TXT
2015-04-06 16:57 - 2015-04-06 16:57 - 00000276 _____ () C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.URL
2015-04-06 15:50 - 2015-04-06 15:50 - 00008572 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.HTML
2015-04-06 15:50 - 2015-04-06 15:50 - 00004226 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.TXT
2015-04-06 15:50 - 2015-04-06 15:50 - 00000276 _____ () C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.URL
2015-04-06 15:34 - 2015-04-06 15:34 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.HTML
2015-04-06 15:34 - 2015-04-06 15:34 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.HTML
2015-04-06 15:34 - 2015-04-06 15:34 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.TXT
2015-04-06 15:34 - 2015-04-06 15:34 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.TXT
2015-04-06 15:34 - 2015-04-06 15:34 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.URL
2015-04-06 15:34 - 2015-04-06 15:34 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.URL
2015-04-06 15:12 - 2015-04-06 15:12 - 00008572 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.HTML
2015-04-06 15:12 - 2015-04-06 15:12 - 00004226 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.TXT
2015-04-06 15:12 - 2015-04-06 15:12 - 00000276 _____ () C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.URL
2015-04-06 13:35 - 2015-04-06 13:35 - 00008572 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-04-06 13:35 - 2015-04-06 13:35 - 00004226 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-04-06 13:35 - 2015-04-06 13:35 - 00000276 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-04-10 12:36 - 2015-02-21 11:26 - 00002438 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002438 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002436 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job
2015-04-10 12:36 - 2015-02-21 11:26 - 00002436 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00003466 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00003464 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job
2015-04-10 12:36 - 2015-02-21 11:25 - 00001344 _____ () C:\Windows\Tasks\NMYVUNJ.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00004486 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00004484 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job
2015-04-10 12:36 - 2015-02-21 11:24 - 00001344 _____ () C:\Windows\Tasks\AHTHXQM.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00005510 _____ () C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00005508 _____ () C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00001342 _____ () C:\Windows\Tasks\RNWPLZ.job
2015-04-10 12:36 - 2015-02-21 11:23 - 00001340 _____ () C:\Windows\Tasks\IQKLG.job
2015-04-09 07:10 - 2015-01-25 16:12 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\NMYVUNJ
2015-04-09 07:09 - 2015-01-25 16:12 - 00000365 _____ () C:\Users\USER03\AppData\Roaming\RNWPLZ
2015-04-09 07:09 - 2014-09-01 08:18 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\ZCMI
2015-04-09 07:09 - 2014-09-01 08:18 - 00001171 _____ () C:\Users\USER03\AppData\Roaming\XXUCRWI
2015-04-09 07:09 - 2014-09-01 08:18 - 00000365 _____ () C:\Users\USER03\AppData\Roaming\QGUDTAV
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\TornPlusTV_version1.11
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\6979ecd2-d558-405d-8f65-a7b30b7aebe8
2015-04-08 06:32 - 2015-02-21 11:23 - 00000000 ____D () C:\Program Files\30e2ede0-0e37-4215-bb79-1f9b4fb4b421
2015-04-08 06:32 - 2014-11-17 12:30 - 00000000 ____D () C:\ProgramData\cab4fbb2-1ac7-44d2-9b7d-0c921d8827f4
Task: {03A59802-CE7F-4400-AEB2-A118FEF4CB7A} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.exe <==== ATTENTION
Task: {0D818D7E-0F7E-4641-8621-1F9AFCBBDDBE} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: {140FB370-2A06-4BC4-8D51-C74D78FF270E} - \SPDriver No Task File <==== ATTENTION
Task: {1A915922-EC5C-4834-A0F8-15446CCBD737} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {1FADC4DE-8DC5-4C45-9972-9FF8717BAC68} - System32\Tasks\{9376A337-0BA1-4AFB-AE78-C2E6116FBB78} => msiexec.exe /package "C:\Users\Hatim Benhammou\Downloads\iTunesSetup (N)\iTunes.msi"
Task: {21F51787-CD1D-41BE-ABAE-78820567616F} - System32\Tasks\RNWPLZ => C:\Users\USER03\AppData\Roaming\RNWPLZ.exe <==== ATTENTION
Task: {22048EE8-1340-45FE-8004-788F054A7F80} - System32\Tasks\{E6C1836B-0AF0-42E8-90E5-51C997C3C78F} => pcalua.exe -a "C:\Users\Hatim Benhammou\Downloads\MSAC-US30_DriverInstaller.exe" -d "C:\Users\Hatim Benhammou\Downloads"
Task: {22C234CE-ECE3-470D-8960-A583354ED407} - System32\Tasks\YTAUpdate => C:\PROGRA~1\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {2DBDB6F9-6911-4804-8C3F-14AE3AE02F10} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.exe <==== ATTENTION
Task: {38335A49-0532-4595-AA98-6713DB511688} - System32\Tasks\{C340E4E6-A2C8-4A87-A157-FFDC9B8629F7} => C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b.exe [2015-04-07] ()
Task: {3B167875-384A-4726-A7F4-D8AA0FC03AE0} - System32\Tasks\{DD872E1B-6C05-4F47-8441-BEBDCCEBC039} => pcalua.exe -a "C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b\setuplauncher.exe" -d "C:\Users\USER03\Videos\Bitdfender Total Security 2015 + Trial-Reset\bitdefender_ts_18_32b"
Task: {3D93BFB2-7594-446B-BB50-E39708E7BB6C} - System32\Tasks\YTAUpdate_logon => C:\PROGRA~1\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {3F730200-E771-4185-ADF9-D1B002769A61} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.exe <==== ATTENTION
Task: {40D9D03C-24CA-4B69-B397-BEF2B55825FE} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-7.exe <==== ATTENTION
Task: {4A105171-7552-4E5B-8914-8234757758E9} - System32\Tasks\{92536A0E-DC18-4D65-B802-B0F024745CFA} => pcalua.exe -a "C:\Program Files\Hewlett-Packard\HP Color LaserJet CP1210 Series\UnInstall.exe" -d "C:\Program Files\Hewlett-Packard\HP Color LaserJet CP1210 Series\"
Task: {4C4366F9-1C12-4BEC-8CCA-D31FEC88CD01} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.exe <==== ATTENTION
Task: {4D835E4E-7957-4140-96FA-F4B118DF1EE5} - \ShopperPro No Task File <==== ATTENTION
Task: {4F0D1B5C-1ADB-4C5C-B53B-7CE7187E68DB} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.exe <==== ATTENTION
Task: {631B1D9A-B571-48D7-B629-F453E2C71805} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-4.exe <==== ATTENTION
Task: {677DF04E-2238-45D3-89D5-00D764A2A04F} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: {9C699175-BA2E-4ED1-A53D-B49ACB6C7340} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A3967610-4F17-42C0-9162-585EA18F01F0} - System32\Tasks\NMYVUNJ => C:\Users\USER03\AppData\Roaming\NMYVUNJ.exe <==== ATTENTION
Task: {A9511FDA-9977-4B11-867C-A41BD3190785} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: {AA657B54-0069-4EA4-9978-9E72226D2745} - System32\Tasks\{014B1993-8909-4733-8367-C057130F5149} => C:\Users\USER03\Downloads\install_flashplayer13x32_mssd_aaa_aih(1).exe
Task: {B40DDA3A-6D56-4397-B7B2-A5970451CE87} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-6.exe <==== ATTENTION
Task: {B553F538-DBD9-4F72-8EED-DB230CBB8299} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7 => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.exe <==== ATTENTION
Task: {B5A22707-9CE5-4F93-AAA8-78C5ACD227BE} - System32\Tasks\{E46ADD48-A21C-4E7D-BC5F-ED9F61AF506B} => pcalua.exe -a C:\Users\USER03\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {B7F39D2A-03C3-4AAB-8EE4-80B9D2F8A838} - System32\Tasks\AHTHXQM => C:\Users\USER03\AppData\Roaming\AHTHXQM.exe <==== ATTENTION
Task: {C0010D1C-1143-44AB-B464-F51E6B584300} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {C5C582E4-D51E-4BDF-859E-0FC4D6F1958A} - System32\Tasks\{2EC2A33E-348D-432B-86B3-83CBB0352618} => pcalua.exe -a "C:\Users\Hatim Benhammou\Desktop\Pilotes\Intel_Chipset-Software-Insta_A04_R304291_setup_ZPE.exe" -d "C:\Users\Hatim Benhammou\Desktop\Pilotes"
Task: {C6815C51-EF1A-42C2-8AC6-ECC2DE959B2F} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6 => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.exe <==== ATTENTION
Task: {CDC03D56-BB90-47E7-8EB3-C89BF332FCD8} - System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-10.exe <==== ATTENTION
Task: {CFF2C1BB-4A6A-4B63-92FD-BD8D43CCDAE0} - System32\Tasks\Security Center Update - 3172106264 => C:\Users\USER03\AppData\Roaming\Rosuuv\uwbihic.exe <==== ATTENTION
Task: {D389FECB-BD8C-4EF9-B62B-C57EB81825EE} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: {F615BE0E-4061-477C-A31B-828145B263B0} - System32\Tasks\IQKLG => C:\Users\USER03\AppData\Roaming\IQKLG.exe <==== ATTENTION
Task: {FEE881B8-42D7-4507-8038-03C914E61789} - System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job => C:\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job => C:\Program Files\TotalPlusHD-3.1V21.02\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AHTHXQM.job => C:\Users\USER03\AppData\Roaming\AHTHXQM.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\IQKLG.job => C:\Users\USER03\AppData\Roaming\IQKLG.exe <==== ATTENTION
Task: C:\Windows\Tasks\NMYVUNJ.job => C:\Users\USER03\AppData\Roaming\NMYVUNJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\RNWPLZ.job => C:\Users\USER03\AppData\Roaming\RNWPLZ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3172106264.job => C:\Users\USER03\AppData\Roaming\Rosuuv\uwbihic.exe <==== ATTENTION
C:\Users\Hatim Benhammou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk => Moved successfully.
C:\Users\USER03\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk => Moved successfully.
C:\Users\USER03\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\HELP_DECRYPT.HTML => Moved successfully.
C:\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\USER03\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\HELP_DECRYPT.TXT => Moved successfully.
C:\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\USER03\HELP_DECRYPT.URL => Moved successfully.
C:\Users\HELP_DECRYPT.URL => Moved successfully.
C:\HELP_DECRYPT.URL => Moved successfully.
C:\Users\USER03\Downloads\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\USER03\Downloads\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\USER03\Downloads\HELP_DECRYPT.URL => Moved successfully.
C:\Users\USER03\Downloads\BitDefender total security 2015+activator-TORRENT.rar => Moved successfully.
C:\Users\USER03\Downloads\Activator BitDefender total security 2015.rar => Moved successfully.
C:\Users\USER03\Documents\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\USER03\Documents\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\USER03\Documents\HELP_DECRYPT.URL => Moved successfully.
C:\Users\USER03\Downloads\Bitdefender Antivirus Plus Wit Downloader.zip => Moved successfully.
C:\Users\Public\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Public\Downloads\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Public\Documents\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Public\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Public\Downloads\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Public\Documents\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Public\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Public\Downloads\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Public\Documents\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\Documents\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\AppData\HELP_DECRYPT.URL => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.TXT => Moved successfully.
C:\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.URL => Moved successfully.
C:\ProgramData\HELP_DECRYPT.HTML => Moved successfully.
C:\ProgramData\HELP_DECRYPT.TXT => Moved successfully.
C:\ProgramData\HELP_DECRYPT.URL => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job => Moved successfully.
C:\Windows\Tasks\NMYVUNJ.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job => Moved successfully.
C:\Windows\Tasks\AHTHXQM.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job => Moved successfully.
C:\Windows\Tasks\RNWPLZ.job => Moved successfully.
C:\Windows\Tasks\IQKLG.job => Moved successfully.
C:\Users\USER03\AppData\Roaming\NMYVUNJ => Moved successfully.
C:\Users\USER03\AppData\Roaming\RNWPLZ => Moved successfully.
C:\Users\USER03\AppData\Roaming\ZCMI => Moved successfully.
C:\Users\USER03\AppData\Roaming\XXUCRWI => Moved successfully.
C:\Users\USER03\AppData\Roaming\QGUDTAV => Moved successfully.
C:\Program Files\TornPlusTV_version1.11 => Moved successfully.
C:\Program Files\6979ecd2-d558-405d-8f65-a7b30b7aebe8 => Moved successfully.
C:\Program Files\30e2ede0-0e37-4215-bb79-1f9b4fb4b421 => Moved successfully.
C:\ProgramData\cab4fbb2-1ac7-44d2-9b7d-0c921d8827f4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03A59802-CE7F-4400-AEB2-A118FEF4CB7A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03A59802-CE7F-4400-AEB2-A118FEF4CB7A}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D818D7E-0F7E-4641-8621-1F9AFCBBDDBE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D818D7E-0F7E-4641-8621-1F9AFCBBDDBE}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{140FB370-2A06-4BC4-8D51-C74D78FF270E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{140FB370-2A06-4BC4-8D51-C74D78FF270E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A915922-EC5C-4834-A0F8-15446CCBD737}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A915922-EC5C-4834-A0F8-15446CCBD737}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FADC4DE-8DC5-4C45-9972-9FF8717BAC68}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FADC4DE-8DC5-4C45-9972-9FF8717BAC68}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9376A337-0BA1-4AFB-AE78-C2E6116FBB78} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9376A337-0BA1-4AFB-AE78-C2E6116FBB78}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21F51787-CD1D-41BE-ABAE-78820567616F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21F51787-CD1D-41BE-ABAE-78820567616F}" => Key deleted successfully.
C:\Windows\System32\Tasks\RNWPLZ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RNWPLZ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22048EE8-1340-45FE-8004-788F054A7F80}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22048EE8-1340-45FE-8004-788F054A7F80}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E6C1836B-0AF0-42E8-90E5-51C997C3C78F} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E6C1836B-0AF0-42E8-90E5-51C997C3C78F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22C234CE-ECE3-470D-8960-A583354ED407}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22C234CE-ECE3-470D-8960-A583354ED407}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTAUpdate => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2DBDB6F9-6911-4804-8C3F-14AE3AE02F10}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DBDB6F9-6911-4804-8C3F-14AE3AE02F10}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38335A49-0532-4595-AA98-6713DB511688}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38335A49-0532-4595-AA98-6713DB511688}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C340E4E6-A2C8-4A87-A157-FFDC9B8629F7} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C340E4E6-A2C8-4A87-A157-FFDC9B8629F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B167875-384A-4726-A7F4-D8AA0FC03AE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B167875-384A-4726-A7F4-D8AA0FC03AE0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{DD872E1B-6C05-4F47-8441-BEBDCCEBC039} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DD872E1B-6C05-4F47-8441-BEBDCCEBC039}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3D93BFB2-7594-446B-BB50-E39708E7BB6C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D93BFB2-7594-446B-BB50-E39708E7BB6C}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTAUpdate_logon => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate_logon" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3F730200-E771-4185-ADF9-D1B002769A61}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F730200-E771-4185-ADF9-D1B002769A61}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40D9D03C-24CA-4B69-B397-BEF2B55825FE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D9D03C-24CA-4B69-B397-BEF2B55825FE}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A105171-7552-4E5B-8914-8234757758E9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A105171-7552-4E5B-8914-8234757758E9}" => Key deleted successfully.
C:\Windows\System32\Tasks\{92536A0E-DC18-4D65-B802-B0F024745CFA} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{92536A0E-DC18-4D65-B802-B0F024745CFA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C4366F9-1C12-4BEC-8CCA-D31FEC88CD01}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C4366F9-1C12-4BEC-8CCA-D31FEC88CD01}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D835E4E-7957-4140-96FA-F4B118DF1EE5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D835E4E-7957-4140-96FA-F4B118DF1EE5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4F0D1B5C-1ADB-4C5C-B53B-7CE7187E68DB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F0D1B5C-1ADB-4C5C-B53B-7CE7187E68DB}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{631B1D9A-B571-48D7-B629-F453E2C71805}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{631B1D9A-B571-48D7-B629-F453E2C71805}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{677DF04E-2238-45D3-89D5-00D764A2A04F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{677DF04E-2238-45D3-89D5-00D764A2A04F}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C699175-BA2E-4ED1-A53D-B49ACB6C7340}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C699175-BA2E-4ED1-A53D-B49ACB6C7340}" => Key deleted successfully.
C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A3967610-4F17-42C0-9162-585EA18F01F0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3967610-4F17-42C0-9162-585EA18F01F0}" => Key deleted successfully.
C:\Windows\System32\Tasks\NMYVUNJ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NMYVUNJ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A9511FDA-9977-4B11-867C-A41BD3190785}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9511FDA-9977-4B11-867C-A41BD3190785}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA657B54-0069-4EA4-9978-9E72226D2745}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA657B54-0069-4EA4-9978-9E72226D2745}" => Key deleted successfully.
C:\Windows\System32\Tasks\{014B1993-8909-4733-8367-C057130F5149} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{014B1993-8909-4733-8367-C057130F5149}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B40DDA3A-6D56-4397-B7B2-A5970451CE87}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B40DDA3A-6D56-4397-B7B2-A5970451CE87}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B553F538-DBD9-4F72-8EED-DB230CBB8299}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B553F538-DBD9-4F72-8EED-DB230CBB8299}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5A22707-9CE5-4F93-AAA8-78C5ACD227BE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5A22707-9CE5-4F93-AAA8-78C5ACD227BE}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E46ADD48-A21C-4E7D-BC5F-ED9F61AF506B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E46ADD48-A21C-4E7D-BC5F-ED9F61AF506B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7F39D2A-03C3-4AAB-8EE4-80B9D2F8A838}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7F39D2A-03C3-4AAB-8EE4-80B9D2F8A838}" => Key deleted successfully.
C:\Windows\System32\Tasks\AHTHXQM => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AHTHXQM" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0010D1C-1143-44AB-B464-F51E6B584300}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0010D1C-1143-44AB-B464-F51E6B584300}" => Key deleted successfully.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5C582E4-D51E-4BDF-859E-0FC4D6F1958A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5C582E4-D51E-4BDF-859E-0FC4D6F1958A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2EC2A33E-348D-432B-86B3-83CBB0352618} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2EC2A33E-348D-432B-86B3-83CBB0352618}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C6815C51-EF1A-42C2-8AC6-ECC2DE959B2F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6815C51-EF1A-42C2-8AC6-ECC2DE959B2F}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CDC03D56-BB90-47E7-8EB3-C89BF332FCD8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDC03D56-BB90-47E7-8EB3-C89BF332FCD8}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFF2C1BB-4A6A-4B63-92FD-BD8D43CCDAE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFF2C1BB-4A6A-4B63-92FD-BD8D43CCDAE0}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 3172106264 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3172106264" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D389FECB-BD8C-4EF9-B62B-C57EB81825EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D389FECB-BD8C-4EF9-B62B-C57EB81825EE}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F615BE0E-4061-477C-A31B-828145B263B0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F615BE0E-4061-477C-A31B-828145B263B0}" => Key deleted successfully.
C:\Windows\System32\Tasks\IQKLG => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IQKLG" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FEE881B8-42D7-4507-8038-03C914E61789}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEE881B8-42D7-4507-8038-03C914E61789}" => Key deleted successfully.
C:\Windows\System32\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user" => Key deleted successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-6.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-1-7.job not found.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-10_user.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-4.job not found.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5.job not found.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-5_user.job not found.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-6.job => Moved successfully.
C:\Windows\Tasks\3cf659c1-04f8-45ed-ace5-db11250327a7-7.job not found.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-6.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-1-7.job not found.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-10_user.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-4.job not found.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5.job not found.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-5_user.job not found.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-6.job => Moved successfully.
C:\Windows\Tasks\8a861536-0308-4ce1-9b2d-eda2e3052f73-7.job not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\AHTHXQM.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\IQKLG.job not found.
C:\Windows\Tasks\NMYVUNJ.job not found.
C:\Windows\Tasks\RNWPLZ.job not found.
C:\Windows\Tasks\Security Center Update - 3172106264.job => Moved successfully.
End of Fixlog 19:49:19
Merci
Fais un scan en ligne NOD32 : https://www.malekal.com/scan-antivirus-ligne-nod32/#NOD32
Enregistre le rapport et donne le ici.
Enregistre le rapport et donne le ici.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Ok la première fois ça bloquait sur un film là je fais l'analyse rien que pour C, ça va suffire ou bien je lance D juste après ?!
Voici le rapport d'analyse incomplet d'hier, pour l'analyse de C: d'aujourd'hui est toujours bloqué à 99% mais je l'attend quand même :
C:\CoalaClient.old\portable\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\aide_dt\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\aide_dt\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\f_compl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\f_compl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\dti\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\dti\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\modeles\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\modeles\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\paye\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\paye\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\install\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\install\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\install\users\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\install\users\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\budgets\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\budgets\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\00\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\00\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\00\extens\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\00\extens\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\01\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\01\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\01\extens\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\01\extens\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\02\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\02\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\03\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\03\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\04\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\04\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\05\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\05\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\05\Bak\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\05\Bak\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\06\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\06\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\07\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\07\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\08\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\08\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\94\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\94\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\95\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\95\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\96\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\96\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\97\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\97\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\98\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\98\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\99\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\99\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\99\extens\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\99\extens\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\anneplus\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\anneplus\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\editeur\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\editeur\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\gra_liv_cyc\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\gra_liv_cyc\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\ifrs\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\ifrs\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\m09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\m09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\MS09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\MS09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\param\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\param\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\gestion\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\gestion\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\gestion2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\gestion2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\graph\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\graph\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\08\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\08\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\06\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\06\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\07\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\07\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\08\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\08\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\cerfa\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\cerfa\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\n4ds\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\n4ds\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\compta\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\compta\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\messagerie\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\messagerie\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\html\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\html\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\txt\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\txt\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\dossier\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\dossier\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\edi\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\edi\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\gestion\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\gestion\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\gestion2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\gestion2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\eurl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\eurl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sa\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sa\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sarl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sarl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sas\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sas\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\scagri\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\scagri\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sci\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sci\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\--eurl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\--eurl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\--sas\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\--sas\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\eurl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\eurl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sa\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sa\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sarl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sarl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sas\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sas\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sasu\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sasu\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sci\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sci\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\lettmiss\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\lettmiss\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\migration\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\migration\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\DIF\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\DIF\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\prog\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\prog\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\background\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\background\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\background\pictures\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\background\pictures\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\dossierx\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\dossierx\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\dossierx\accueil\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\dossierx\accueil\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\images\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\images\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\images\nav\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\images\nav\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\bin\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\bin\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\bin\http\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\bin\http\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\classes\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\classes\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\classes\balacomp\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\classes\balacomp\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\doc\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\doc\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\excel-ole\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\excel-ole\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\paye2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\paye2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\paye2\bases\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\paye2\bases\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\calc\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\calc\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle1\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle1\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle13\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle13\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle14\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle14\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle15\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle15\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle16\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle16\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle17\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle17\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle18\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle18\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle3\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle3\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle4\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle4\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle5\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle5\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle6\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle6\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle7\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle7\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle8\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle8\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle9\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle9\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle1\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle1\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle13\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle13\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle14\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle14\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle15\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle15\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle16\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle16\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle18\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle18\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle3\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle3\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle4\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle4\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle5\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle5\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle6\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle6\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle7\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle7\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle8\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle8\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle9\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle9\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\m09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\m09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\MS09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\MS09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\3012012\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\3012012\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\de-DE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\de-DE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\en-US\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\en-US\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\fr-FR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\fr-FR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\it-IT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\it-IT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\ja-JP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\ja-JP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\ko-KR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\ko-KR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\pt-BR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\pt-BR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\zh-CN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\zh-CN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\zh-TW\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\zh-TW\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\MediaSDK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\MediaSDK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\de-DE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\de-DE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\en-US\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\en-US\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\fr-FR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\fr-FR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\it-IT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\it-IT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\ja-JP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\ja-JP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\ko-KR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\ko-KR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\pt-BR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\pt-BR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\zh-CN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\zh-CN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\zh-TW\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\zh-TW\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\MediaSDK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\MediaSDK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\350G4\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\350G4\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\3MV80\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\3MV80\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\47KHD\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\47KHD\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\59T23\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\59T23\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Br\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Br\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\CS\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\CS\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\CT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\CT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\DA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\DA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\FI\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\FI\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\FR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\FR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Gr\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Gr\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\It\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\It\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\JP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\JP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\KO\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\KO\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\NL\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\NL\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\NO\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\NO\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\PO\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\PO\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\PT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\PT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\RU\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\RU\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\SE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\SE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\SP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\SP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\TH\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\TH\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Us\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Us\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\PNHCT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\PNHCT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\R285455\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\R285455\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\R309372\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\R309372\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\R42YR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\R42YR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ARA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ARA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ARB\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ARB\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CHS\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CHS\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CHT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CHT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CSY\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CSY\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\DAN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\DAN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\DEU\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\DEU\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ELL\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ELL\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ENG\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ENG\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ENU\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ENU\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ESP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ESP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FIN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FIN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FRA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FRA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FRC\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FRC\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HEB\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HEB\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HUN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HUN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ITA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ITA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\JPN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\JPN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\KOR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\KOR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\NLD\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\NLD\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\NOR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\NOR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PLK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PLK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PTB\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PTB\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PTG\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PTG\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\RUS\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\RUS\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\SVE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\SVE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\THA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\THA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\TRK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\TRK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\V320T\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\V320T\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ar-SA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ar-SA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\cs-CZ\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\cs-CZ\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\da-DK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\da-DK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\de-DE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\de-DE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\el-GR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\el-GR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\en-US\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\en-US\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\es-ES\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\es-ES\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\fi-FI\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\fi-FI\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\fr-FR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\fr-FR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\he-IL\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\he-IL\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\hu-HU\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\hu-HU\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\it-IT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\it-IT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ja-JP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ja-JP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ko-KR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ko-KR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\nb-NO\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\nb-NO\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\nl-NL\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\nl-NL\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pl-PL\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pl-PL\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pt-BR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pt-BR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pt-PT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pt-PT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ru-RU\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ru-RU\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sk-SK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sk-SK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sl-SI\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sl-SI\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sv-SE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sv-SE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\th-TH\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\th-TH\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\tr-TR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\tr-TR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\zh-CN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\zh-CN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\zh-TW\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\zh-TW\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\LMS\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\LMS\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\UNS\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\UNS\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\SatAngels_KeyUpdater_E2_1.3._ipk\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\SatAngels_KeyUpdater_E2_1.3._ipk\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Downloads\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Downloads\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Downloads\dreamset242\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Downloads\dreamset242\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Downloads\WHv3\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Downloads\WHv3\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7.xpi JS/Toolbar.Crossrider.F potentially unwanted application
C:\FRST\Quarantine\C\Program Files\TornPlusTV_version1.11\utils.exe Win32/Packed.VMDetector.I potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\ProgramData\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\Documents\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\Documents\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\Documents\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\Documents\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\Downloads\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\Downloads\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\Documents\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\Documents\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\Downloads\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\Downloads\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\inetpub\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\js\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\js\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\js\MochiKit\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\js\MochiKit\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\js\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\js\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\js\MochiKit\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\js\MochiKit\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Intel\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Intel\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Intel\autre\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Intel\autre\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\data\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\data\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\weds\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\weds\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\nrm\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\nrm\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\Smp\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\Smp\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetComptweds\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetComptweds\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetComptweds\data\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetComptweds\data\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetComptweds\data\smp\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetComptweds\data\smp\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\LG Electronics\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\LG Electronics\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\LG Electronics\LDU-1900D\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\LG Electronics\LDU-1900D\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\PCM99\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\PCM99\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\PCM99\Documents\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\PCM99\Documents\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Program Files\AskBarDis\bar\bin\askBar.dll a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files\AskBarDis\bar\bin\AskService.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files\Vuze\.install4j\i4j_extf_11_5p83tu.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files\Vuze\.install4j\i4j_extf_9_5p83tu.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\iTunes\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\iTunes\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\iTunes\SC Info\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\iTunes\SC Info\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Avira\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Avira\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Azureus\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Azureus\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\ui\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\ui\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\ui\images\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\ui\images\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Installations\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Installations\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Installations\{1245703E-0A41-4C00-BF3B-24273105DA32}\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Installations\{1245703E-0A41-4C00-BF3B-24273105DA32}\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Intel\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Intel\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Intel\WiMaxData\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Intel\WiMaxData\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Intel.sav\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Intel.sav\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Intel.sav\WiMaxData\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Intel.sav\WiMaxData\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Internet Mobile\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Internet Mobile\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Internet Mobile\log\H
C:\CoalaClient.old\portable\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\aide_dt\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\aide_dt\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\f_compl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\darc\f_compl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\dti\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\dti\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\modeles\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\ole\modeles\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\paye\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\excel\paye\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\install\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\install\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\install\users\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\install\users\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\budgets\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\budgets\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\00\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\00\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\00\extens\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\00\extens\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\01\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\01\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\01\extens\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\01\extens\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\02\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\02\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\03\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\03\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\04\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\04\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\05\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\05\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\05\Bak\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\05\Bak\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\06\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\06\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\07\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\07\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\08\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\08\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\94\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\94\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\95\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\95\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\96\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\96\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\97\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\97\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\98\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\98\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\99\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\99\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\99\extens\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\99\extens\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\anneplus\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\anneplus\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\editeur\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\editeur\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\gra_liv_cyc\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\gra_liv_cyc\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\ifrs\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\ifrs\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\m09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\m09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\MS09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\MS09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\param\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\compta\param\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\dossier\12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\gestion\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\gestion\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\gestion2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\gestion2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\graph\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\graph\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\08\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\08\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\immos\12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\06\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\06\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\07\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\07\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\08\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\08\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\cerfa\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\cerfa\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\n4ds\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\ps\paye2\n4ds\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\compta\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\compta\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\messagerie\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\txt\messagerie\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\html\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\html\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\txt\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\compta\txt\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\dossier\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\dossier\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\edi\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\edi\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\gestion\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\gestion\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\gestion2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\gestion2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\eurl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\eurl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sa\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sa\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sarl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sarl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sas\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sas\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\scagri\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\scagri\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sci\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\agoa\sci\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\--eurl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\--eurl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\--sas\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\--sas\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\eurl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\eurl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sa\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sa\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sarl\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sarl\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sas\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sas\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sasu\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sasu\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sci\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\juridiqu\ncc\agoa\sci\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\lettmiss\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\lettmiss\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\migration\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\migration\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\DIF\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\DIF\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\prog\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\word\paye2\prog\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\background\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\background\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\background\pictures\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\background\pictures\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\dossierx\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\dossierx\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\dossierx\accueil\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\dossierx\accueil\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\images\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\images\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\images\nav\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\global\print\xtml\images\nav\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\bin\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\bin\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\bin\http\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\bin\http\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\classes\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\classes\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\classes\balacomp\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\classes\balacomp\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\doc\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\doc\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\excel-ole\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\excel-ole\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\paye2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\paye2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\paye2\bases\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\paye2\bases\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\calc\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\calc\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle1\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle1\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle13\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle13\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle14\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle14\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle15\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle15\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle16\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle16\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle17\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle17\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle18\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle18\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle3\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle3\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle4\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle4\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle5\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle5\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle6\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle6\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle7\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle7\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle8\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle8\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle9\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.1\cycle9\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle1\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle1\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle10\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle10\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle12\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle12\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle13\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle13\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle14\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle14\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle15\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle15\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle16\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle16\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle18\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle18\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle2\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle2\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle3\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle3\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle4\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle4\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle5\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle5\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle6\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle6\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle7\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle7\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle8\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle8\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle9\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\modeles\revision\OpenRevisionV1.2\cycle9\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\m09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\m09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\MS09\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\CoalaClient.old\portable\local\print\ps\compta\MS09\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\3012012\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\3012012\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\de-DE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\de-DE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\en-US\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\en-US\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\fr-FR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\fr-FR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\it-IT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\it-IT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\ja-JP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\ja-JP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\ko-KR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\ko-KR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\pt-BR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\pt-BR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\zh-CN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\zh-CN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\zh-TW\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\lang\zh-TW\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\MediaSDK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Graphics\MediaSDK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\de-DE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\de-DE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\en-US\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\en-US\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\fr-FR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\fr-FR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\it-IT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\it-IT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\ja-JP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\ja-JP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\ko-KR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\ko-KR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\pt-BR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\pt-BR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\zh-CN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\zh-CN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\zh-TW\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\Lang\zh-TW\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\MediaSDK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\33RW8\MediaSDK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\350G4\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\350G4\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\3MV80\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\3MV80\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\47KHD\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\47KHD\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\59T23\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\59T23\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Br\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Br\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\CS\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\CS\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\CT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\CT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\DA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\DA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\FI\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\FI\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\FR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\FR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Gr\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Gr\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\It\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\It\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\JP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\JP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\KO\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\KO\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\NL\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\NL\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\NO\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\NO\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\PO\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\PO\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\PT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\PT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\RU\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\RU\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\SE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\SE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\SP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\SP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\TH\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\TH\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Us\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\CT03G\Language\Us\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\PNHCT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\PNHCT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\R285455\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\R285455\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\R309372\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\R309372\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\R42YR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\R42YR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ARA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ARA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ARB\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ARB\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CHS\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CHS\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CHT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CHT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CSY\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\CSY\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\DAN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\DAN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\DEU\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\DEU\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ELL\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ELL\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ENG\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ENG\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ENU\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ENU\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ESP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ESP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FIN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FIN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FRA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FRA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FRC\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\FRC\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HEB\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HEB\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HUN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\HUN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ITA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\ITA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\JPN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\JPN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\KOR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\KOR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\NLD\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\NLD\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\NOR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\NOR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PLK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PLK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PTB\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PTB\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PTG\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\PTG\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\RUS\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\RUS\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\SVE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\SVE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\THA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\THA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\TRK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\T4TP8\Lang\CHIP\TRK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\V320T\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\V320T\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ar-SA\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ar-SA\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\cs-CZ\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\cs-CZ\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\da-DK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\da-DK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\de-DE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\de-DE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\el-GR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\el-GR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\en-US\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\en-US\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\es-ES\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\es-ES\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\fi-FI\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\fi-FI\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\fr-FR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\fr-FR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\he-IL\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\he-IL\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\hu-HU\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\hu-HU\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\it-IT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\it-IT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ja-JP\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ja-JP\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ko-KR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ko-KR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\nb-NO\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\nb-NO\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\nl-NL\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\nl-NL\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pl-PL\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pl-PL\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pt-BR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pt-BR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pt-PT\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\pt-PT\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ru-RU\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\ru-RU\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sk-SK\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sk-SK\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sl-SI\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sl-SI\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sv-SE\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\sv-SE\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\th-TH\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\th-TH\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\tr-TR\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\tr-TR\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\zh-CN\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\zh-CN\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\zh-TW\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\Lang\zh-TW\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\LMS\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\LMS\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\UNS\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\Drivers\XKRMC\UNS\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Dell\SatAngels_KeyUpdater_E2_1.3._ipk\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Dell\SatAngels_KeyUpdater_E2_1.3._ipk\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Downloads\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Downloads\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Downloads\dreamset242\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Downloads\dreamset242\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Downloads\WHv3\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Downloads\WHv3\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Program Files\TornPlusTV_version1.11\3cf659c1-04f8-45ed-ace5-db11250327a7.xpi JS/Toolbar.Crossrider.F potentially unwanted application
C:\FRST\Quarantine\C\Program Files\TornPlusTV_version1.11\utils.exe Win32/Packed.VMDetector.I potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\ProgramData\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\Local\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\AppData\Roaming\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\Documents\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\Documents\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Hatim Benhammou\Downloads\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\Documents\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\Documents\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\Downloads\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\Public\Downloads\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\Documents\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\Documents\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\Downloads\HELP_DECRYPT.HTML.xBAD Win32/Filecoder.CR trojan
C:\FRST\Quarantine\C\Users\USER03\Downloads\HELP_DECRYPT.TXT.xBAD Win32/Filecoder.CR trojan
C:\inetpub\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\js\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\js\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\js\MochiKit\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\2_0_50727\crystalreportviewers13\js\MochiKit\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\js\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\js\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\js\MochiKit\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\inetpub\wwwroot\aspnet_client\system_web\4_0_30319\crystalreportviewers13\js\MochiKit\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Intel\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Intel\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Intel\autre\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\Intel\autre\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\data\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\data\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\weds\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\weds\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\nrm\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\nrm\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\Smp\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetCompt\weds\data\Smp\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetComptweds\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetComptweds\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetComptweds\data\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetComptweds\data\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\JetComptweds\data\smp\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\JetComptweds\data\smp\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\LG Electronics\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\LG Electronics\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\LG Electronics\LDU-1900D\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\LG Electronics\LDU-1900D\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\PCM99\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\PCM99\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\PCM99\Documents\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\PCM99\Documents\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\Program Files\AskBarDis\bar\bin\askBar.dll a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files\AskBarDis\bar\bin\AskService.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files\Vuze\.install4j\i4j_extf_11_5p83tu.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files\Vuze\.install4j\i4j_extf_9_5p83tu.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\iTunes\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\iTunes\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\iTunes\SC Info\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Apple Computer\iTunes\SC Info\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Avira\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Avira\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Azureus\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Azureus\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\ui\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\ui\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\ui\images\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\FLEXnet\Connect\11\ui\images\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Installations\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Installations\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Installations\{1245703E-0A41-4C00-BF3B-24273105DA32}\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Installations\{1245703E-0A41-4C00-BF3B-24273105DA32}\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Intel\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Intel\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Intel\WiMaxData\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Intel\WiMaxData\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Intel.sav\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Intel.sav\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Intel.sav\WiMaxData\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Intel.sav\WiMaxData\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Internet Mobile\HELP_DECRYPT.HTML Win32/Filecoder.CR trojan
C:\ProgramData\Internet Mobile\HELP_DECRYPT.TXT Win32/Filecoder.CR trojan
C:\ProgramData\Internet Mobile\log\H
le voilà
https://pjjoint.malekal.com/files.php?id=20150411_l13b15f10d11y15
et merci bcp pour ta réactivité
https://pjjoint.malekal.com/files.php?id=20150411_l13b15f10d11y15
et merci bcp pour ta réactivité
ok NOD32 a dû virer tous les Helper_Decrypt.
Dans ton rapport FRST, tu avais aussi ça qui est une infection qui se propage par les médias amovibles :
Startup: C:\Users\Hatim Benhammou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
Startup: C:\Users\USER03\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
NOD32 en a viré :
C:\security\system.vbs VBS/AutoRun.HX worm
C:\Users\USER03\Desktop\Cl? 17062013\dossiers scan?s restants.lnk VBS/AutoRun.HX worm
C:\Users\USER03\Desktop\USB Temp\Perso\recordfile.lnk VBS/AutoRun.HX worm
D:\$RECYCLE.BIN.lnk VBS/AutoRun.HX worm
D:\img.jpg VBS/Agent.NHG worm
D:\NTDETE VBS/Agent.NHW trojan
D:\Photo0.jpg VBS/Agent.NHW trojan
Supprime le dossier C:\Security
Tu avais aussi beaucoup d'adwares.
Je suis étonné que BitDefender laisse passer tout cela,
il fonctionne ton BitDefender, il est à jour ?
ou tu l'as installé après ?
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Dans ton rapport FRST, tu avais aussi ça qui est une infection qui se propage par les médias amovibles :
Startup: C:\Users\Hatim Benhammou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
Startup: C:\Users\USER03\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start.lnk
NOD32 en a viré :
C:\security\system.vbs VBS/AutoRun.HX worm
C:\Users\USER03\Desktop\Cl? 17062013\dossiers scan?s restants.lnk VBS/AutoRun.HX worm
C:\Users\USER03\Desktop\USB Temp\Perso\recordfile.lnk VBS/AutoRun.HX worm
D:\$RECYCLE.BIN.lnk VBS/AutoRun.HX worm
D:\img.jpg VBS/Agent.NHG worm
D:\NTDETE VBS/Agent.NHW trojan
D:\Photo0.jpg VBS/Agent.NHW trojan
Supprime le dossier C:\Security
Tu avais aussi beaucoup d'adwares.
Je suis étonné que BitDefender laisse passer tout cela,
il fonctionne ton BitDefender, il est à jour ?
ou tu l'as installé après ?
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Après c'est bon, éventuellement nettoye tes clefs USB avec USBFix, voir : http://www.supprimer-virus.com/vbsautorun-et-worm-vbsagent/
~~
Tu as été infecté soit par un mail malicieux,
soit par des exploits kits (voir ci-dessous).
Sécurise ton PC - surtout désactive bien java de tes navigateurs WEB !
Important - ton infection est venue par un exploit sur site web :
Un exploit sur site WEB permet l'infection de ton ordinateur de manière automatiquement à la visite d'un site WEB qui a été hacké, il tire partie du fait que tu as des logiciels (Java, Adobe Reader etc) qui sont pas à jour et possèdent des vulnérabilités qui permettent l'execution de code (malicieux dans notre cas) à ton insu.
Le fait de ne pas avoir des logiciels à jour et qui ont potentiellement des vulnérabilités permettent donc d'infecter ton système.
Exemple avec : Exploit Java
Il faut donc impérativement maintenir tes logiciels à jour afin de ne pas voir ces portes d'entrée sur ton système.
Tant que ces logiciels ne seront pas à jour, ton PC est vulnérable et les infections peuvent s'installer facilement.
IMPORTANT : mettre à jour tes programmes notamment Java/Adobe Reader et Flash :
/faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
https://forum.malekal.com/viewtopic.php?t=15960&start=
Désactive Java de tes navigateurs WEB : https://www.commentcamarche.net/faq/35621-desactiver-java-sur-ses-navigateurs-web
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
~~
Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html
~~
Tu as été infecté soit par un mail malicieux,
soit par des exploits kits (voir ci-dessous).
Sécurise ton PC - surtout désactive bien java de tes navigateurs WEB !
Important - ton infection est venue par un exploit sur site web :
Un exploit sur site WEB permet l'infection de ton ordinateur de manière automatiquement à la visite d'un site WEB qui a été hacké, il tire partie du fait que tu as des logiciels (Java, Adobe Reader etc) qui sont pas à jour et possèdent des vulnérabilités qui permettent l'execution de code (malicieux dans notre cas) à ton insu.
Le fait de ne pas avoir des logiciels à jour et qui ont potentiellement des vulnérabilités permettent donc d'infecter ton système.
Exemple avec : Exploit Java
Il faut donc impérativement maintenir tes logiciels à jour afin de ne pas voir ces portes d'entrée sur ton système.
Tant que ces logiciels ne seront pas à jour, ton PC est vulnérable et les infections peuvent s'installer facilement.
IMPORTANT : mettre à jour tes programmes notamment Java/Adobe Reader et Flash :
/faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
https://forum.malekal.com/viewtopic.php?t=15960&start=
Désactive Java de tes navigateurs WEB : https://www.commentcamarche.net/faq/35621-desactiver-java-sur-ses-navigateurs-web
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
~~
Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html
Juste une précision apparemment NOD32 n'a pas enlevé les infections soulevées puisque dans la colonne action il n'a rien mis en plus ces fichiers:
D:\$RECYCLE.BIN.lnk VBS/AutoRun.HX worm
D:\img.jpg VBS/Agent.NHG worm
D:\NTDETE VBS/Agent.NHW trojan
D:\Photo0.jpg VBS/Agent.NHW trojan
je les trouve toujours
je relance en mode sans echec et je refais l'analyse avec Bitdefender ou bien je retente NOD32 a ce qu'il puisse terminer l'analyse à 100%??
D:\$RECYCLE.BIN.lnk VBS/AutoRun.HX worm
D:\img.jpg VBS/Agent.NHG worm
D:\NTDETE VBS/Agent.NHW trojan
D:\Photo0.jpg VBS/Agent.NHW trojan
je les trouve toujours
je relance en mode sans echec et je refais l'analyse avec Bitdefender ou bien je retente NOD32 a ce qu'il puisse terminer l'analyse à 100%??
Fais un nettoyage USBFix comme indiqué dans le lien que j'ai donné, ça devrait régler le problème.
Éventuellement, il peut-être conseillé de désactiver les scripts VBS / WSH, comme expliqué sur le dossier : Malware VBS/WSH
Éventuellement, il peut-être conseillé de désactiver les scripts VBS / WSH, comme expliqué sur le dossier : Malware VBS/WSH
https://pjjoint.malekal.com/files.php?id=20150410_p11i13r8p8y8
https://pjjoint.malekal.com/files.php?id=20150410_x10y11x7i10x12
https://pjjoint.malekal.com/files.php?id=20150410_w6d7e14e13j10
Merci encore une fois