A voir également:
- Shortcut s.o.s
- Qwerty to azerty shortcut - Guide
- Shortcut virus remover v3.1 - Télécharger - Antivirus & Antimalwares
- Shortcut cleaner - Télécharger - Nettoyage
- Shortcut capture d'écran - Guide
- Shortcut majuscule minuscule - Guide
4 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
20 mai 2015 à 19:19
20 mai 2015 à 19:19
Salut,
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
rebonjour , merci de votre aide
voici les liens
http://pjjoint.malekal.com/files.php?id=20150520_x10q12l8w9d14
http://pjjoint.malekal.com/files.php?id=20150520_t10w8q10f14l14
http://pjjoint.malekal.com/files.php?id=20150520_g9c13u11g14v7
voici les liens
http://pjjoint.malekal.com/files.php?id=20150520_x10q12l8w9d14
http://pjjoint.malekal.com/files.php?id=20150520_t10w8q10f14l14
http://pjjoint.malekal.com/files.php?id=20150520_g9c13u11g14v7
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
Modifié par Malekal_morte- le 20/05/2015 à 19:51
Modifié par Malekal_morte- le 20/05/2015 à 19:51
Il n'y a pas d'antivirus installé sur l'ordinateur, et Windows XP pas à jour, forcément ça n'aide pas.
Pour le moment, n'utilise pas de clefs USB.
Envoie le fichier C:\Program Files\DjrRJElI\qokyamac.exe sur http://upload.malekal.com ou par email en le zippant à l'adresse spamhere-@wanadoo.fr
ensuite :
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
IFEO\360hotfix.exe: [Debugger] ntsd -d
IFEO\360rpt.exe: [Debugger] ntsd -d
IFEO\360Safe.exe: [Debugger] ntsd -d
IFEO\360safebox.exe: [Debugger] ntsd -d
IFEO\360tray.exe: [Debugger] ntsd -d
IFEO\adam.exe: [Debugger] ntsd -d
IFEO\AgentSvr.exe: [Debugger] ntsd -d
IFEO\AntiArp.exe: [Debugger] ntsd -d
IFEO\AppSvc32.exe: [Debugger] ntsd -d
IFEO\arvmon.exe: [Debugger] ntsd -d
IFEO\AutoGuarder.exe: [Debugger] ntsd -d
IFEO\autoruns.exe: [Debugger] ntsd -d
IFEO\avgrssvc.exe: [Debugger] ntsd -d
IFEO\AvMonitor.exe: [Debugger] ntsd -d
IFEO\avp.com: [Debugger] ntsd -d
IFEO\avp.exe: [Debugger] ntsd -d
IFEO\CCenter.exe: [Debugger] ntsd -d
IFEO\ccSvcHst.exe: [Debugger] ntsd -d
IFEO\FileDsty.exe: [Debugger] ntsd -d
IFEO\findt2005.exe: [Debugger] ntsd -d
IFEO\FTCleanerShell.exe: [Debugger] ntsd -d
IFEO\HijackThis.exe: [Debugger] ntsd -d
IFEO\IceSword.exe: [Debugger] ntsd -d
IFEO\iparmo.exe: [Debugger] ntsd -d
IFEO\Iparmor.exe: [Debugger] ntsd -d
IFEO\IsHelp.exe: [Debugger] ntsd -d
IFEO\isPwdSvc.exe: [Debugger] ntsd -d
IFEO\kabaload.exe: [Debugger] ntsd -d
IFEO\KaScrScn.SCR: [Debugger] ntsd -d
IFEO\KASMain.exe: [Debugger] ntsd -d
IFEO\KASTask.exe: [Debugger] ntsd -d
IFEO\KAV32.exe: [Debugger] ntsd -d
IFEO\KAVDX.exe: [Debugger] ntsd -d
IFEO\KAVPFW.exe: [Debugger] ntsd -d
IFEO\KAVSetup.exe: [Debugger] ntsd -d
IFEO\KAVStart.exe: [Debugger] ntsd -d
IFEO\killhidepid.exe: [Debugger] ntsd -d
IFEO\KISLnchr.exe: [Debugger] ntsd -d
IFEO\KMailMon.exe: [Debugger] ntsd -d
IFEO\KMFilter.exe: [Debugger] ntsd -d
IFEO\KPFW32.exe: [Debugger] ntsd -d
IFEO\KPFW32X.exe: [Debugger] ntsd -d
IFEO\KPFWSvc.exe: [Debugger] ntsd -d
IFEO\KRepair.COM: [Debugger] ntsd -d
IFEO\KsLoader.exe: [Debugger] ntsd -d
IFEO\KVCenter.kxp: [Debugger] ntsd -d
IFEO\KvDetect.exe: [Debugger] ntsd -d
IFEO\kvfw.exe: [Debugger] ntsd -d
IFEO\KvfwMcl.exe: [Debugger] ntsd -d
IFEO\KVMonXP.kxp: [Debugger] ntsd -d
IFEO\KVMonXP_1.kxp: [Debugger] ntsd -d
IFEO\kvol.exe: [Debugger] ntsd -d
IFEO\kvolself.exe: [Debugger] ntsd -d
IFEO\KvReport.kxp: [Debugger] ntsd -d
IFEO\KVScan.kxp: [Debugger] ntsd -d
IFEO\KVSrvXP.exe: [Debugger] ntsd -d
IFEO\KVStub.kxp: [Debugger] ntsd -d
IFEO\kvupload.exe: [Debugger] ntsd -d
IFEO\kvwsc.exe: [Debugger] ntsd -d
IFEO\KvXP.kxp: [Debugger] ntsd -d
IFEO\KvXP_1.kxp: [Debugger] ntsd -d
IFEO\KWatch.exe: [Debugger] ntsd -d
IFEO\KWatch9x.exe: [Debugger] ntsd -d
IFEO\KWatchX.exe: [Debugger] ntsd -d
IFEO\LiveUpdate360.exe: [Debugger] ntsd -d
IFEO\loaddll.exe: [Debugger] ntsd -d
IFEO\MagicSet.exe: [Debugger] ntsd -d
IFEO\mcconsol.exe: [Debugger] ntsd -d
IFEO\mmqczj.exe: [Debugger] ntsd -d
IFEO\mmsk.exe: [Debugger] ntsd -d
IFEO\NAVSetup.exe: [Debugger] ntsd -d
IFEO\nod32krn.exe: [Debugger] ntsd -d
IFEO\nod32kui.exe: [Debugger] ntsd -d
IFEO\PFW.exe: [Debugger] ntsd -d
IFEO\PFWLiveUpdate.exe: [Debugger] ntsd -d
IFEO\QHSET.exe: [Debugger] ntsd -d
IFEO\Ras.exe: [Debugger] ntsd -d
IFEO\Rav.exe: [Debugger] ntsd -d
IFEO\RavCopy.exe: [Debugger] ntsd -d
IFEO\RavMon.exe: [Debugger] ntsd -d
IFEO\RavMonD.exe: [Debugger] ntsd -d
IFEO\RavStore.exe: [Debugger] ntsd -d
IFEO\RavStub.exe: [Debugger] ntsd -d
IFEO\ravt08.exe: [Debugger] ntsd -d
IFEO\RavTask.exe: [Debugger] ntsd -d
IFEO\RegClean.exe: [Debugger] ntsd -d
IFEO\RegEx.exe: [Debugger] ntsd -d
IFEO\rfwcfg.exe: [Debugger] ntsd -d
IFEO\RfwMain.exe: [Debugger] ntsd -d
IFEO\rfwolusr.exe: [Debugger] ntsd -d
IFEO\rfwProxy.exe: [Debugger] ntsd -d
IFEO\rfwsrv.exe: [Debugger] ntsd -d
IFEO\RsAgent.exe: [Debugger] ntsd -d
IFEO\Rsaupd.exe: [Debugger] ntsd -d
IFEO\RsMain.exe: [Debugger] ntsd -d
IFEO\rsnetsvr.exe: [Debugger] ntsd -d
IFEO\RSTray.exe: [Debugger] ntsd -d
IFEO\runiep.exe: [Debugger] ntsd -d
IFEO\safebank.exe: [Debugger] ntsd -d
IFEO\safeboxTray.exe: [Debugger] ntsd -d
IFEO\safelive.exe: [Debugger] ntsd -d
IFEO\scan32.exe: [Debugger] ntsd -d
IFEO\ScanFrm.exe: [Debugger] ntsd -d
IFEO\shcfg32.exe: [Debugger] ntsd -d
IFEO\smartassistant.exe: [Debugger] ntsd -d
IFEO\SmartUp.exe: [Debugger] ntsd -d
IFEO\SREng.exe: [Debugger] ntsd -d
IFEO\SREngPS.exe: [Debugger] ntsd -d
IFEO\symlcsvc.exe: [Debugger] ntsd -d
IFEO\syscheck.exe: [Debugger] ntsd -d
IFEO\Syscheck2.exe: [Debugger] ntsd -d
IFEO\SysSafe.exe: [Debugger] ntsd -d
IFEO\ToolsUp.exe: [Debugger] ntsd -d
IFEO\TrojanDetector.exe: [Debugger] ntsd -d
IFEO\Trojanwall.exe: [Debugger] ntsd -d
IFEO\TrojDie.kxp: [Debugger] ntsd -d
IFEO\UIHost.exe: [Debugger] ntsd -d
IFEO\UmxAgent.exe: [Debugger] ntsd -d
IFEO\UmxAttachment.exe: [Debugger] ntsd -d
IFEO\UmxCfg.exe: [Debugger] ntsd -d
IFEO\UmxFwHlp.exe: [Debugger] ntsd -d
IFEO\UmxPol.exe: [Debugger] ntsd -d
IFEO\UpLive.exe: [Debugger] ntsd -d
IFEO\WoptiClean.exe: [Debugger] ntsd -d
IFEO\zxsweep.exe: [Debugger] ntsd -d
Startup: C:\Documents and Settings\redouan\Menu Démarrer\Programmes\Démarrage\qokyamac.exe [2015-05-05] ()
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe,,C:\Program Files\DjrRJElI\qokyamac.exe
2015-05-05 10:32 - 2015-05-05 10:32 - 00000000 ____D () C:\Program Files\DjrRJElI
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis :
Fais un scan en ligne NOD32 : https://www.malekal.com/scan-antivirus-ligne-nod32/#NOD32
Enregistre le rapport
Envoie le sur http://pjjoint.malekal.com
Donne le lien ici.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Pour le moment, n'utilise pas de clefs USB.
Envoie le fichier C:\Program Files\DjrRJElI\qokyamac.exe sur http://upload.malekal.com ou par email en le zippant à l'adresse spamhere-@wanadoo.fr
ensuite :
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
IFEO\360hotfix.exe: [Debugger] ntsd -d
IFEO\360rpt.exe: [Debugger] ntsd -d
IFEO\360Safe.exe: [Debugger] ntsd -d
IFEO\360safebox.exe: [Debugger] ntsd -d
IFEO\360tray.exe: [Debugger] ntsd -d
IFEO\adam.exe: [Debugger] ntsd -d
IFEO\AgentSvr.exe: [Debugger] ntsd -d
IFEO\AntiArp.exe: [Debugger] ntsd -d
IFEO\AppSvc32.exe: [Debugger] ntsd -d
IFEO\arvmon.exe: [Debugger] ntsd -d
IFEO\AutoGuarder.exe: [Debugger] ntsd -d
IFEO\autoruns.exe: [Debugger] ntsd -d
IFEO\avgrssvc.exe: [Debugger] ntsd -d
IFEO\AvMonitor.exe: [Debugger] ntsd -d
IFEO\avp.com: [Debugger] ntsd -d
IFEO\avp.exe: [Debugger] ntsd -d
IFEO\CCenter.exe: [Debugger] ntsd -d
IFEO\ccSvcHst.exe: [Debugger] ntsd -d
IFEO\FileDsty.exe: [Debugger] ntsd -d
IFEO\findt2005.exe: [Debugger] ntsd -d
IFEO\FTCleanerShell.exe: [Debugger] ntsd -d
IFEO\HijackThis.exe: [Debugger] ntsd -d
IFEO\IceSword.exe: [Debugger] ntsd -d
IFEO\iparmo.exe: [Debugger] ntsd -d
IFEO\Iparmor.exe: [Debugger] ntsd -d
IFEO\IsHelp.exe: [Debugger] ntsd -d
IFEO\isPwdSvc.exe: [Debugger] ntsd -d
IFEO\kabaload.exe: [Debugger] ntsd -d
IFEO\KaScrScn.SCR: [Debugger] ntsd -d
IFEO\KASMain.exe: [Debugger] ntsd -d
IFEO\KASTask.exe: [Debugger] ntsd -d
IFEO\KAV32.exe: [Debugger] ntsd -d
IFEO\KAVDX.exe: [Debugger] ntsd -d
IFEO\KAVPFW.exe: [Debugger] ntsd -d
IFEO\KAVSetup.exe: [Debugger] ntsd -d
IFEO\KAVStart.exe: [Debugger] ntsd -d
IFEO\killhidepid.exe: [Debugger] ntsd -d
IFEO\KISLnchr.exe: [Debugger] ntsd -d
IFEO\KMailMon.exe: [Debugger] ntsd -d
IFEO\KMFilter.exe: [Debugger] ntsd -d
IFEO\KPFW32.exe: [Debugger] ntsd -d
IFEO\KPFW32X.exe: [Debugger] ntsd -d
IFEO\KPFWSvc.exe: [Debugger] ntsd -d
IFEO\KRepair.COM: [Debugger] ntsd -d
IFEO\KsLoader.exe: [Debugger] ntsd -d
IFEO\KVCenter.kxp: [Debugger] ntsd -d
IFEO\KvDetect.exe: [Debugger] ntsd -d
IFEO\kvfw.exe: [Debugger] ntsd -d
IFEO\KvfwMcl.exe: [Debugger] ntsd -d
IFEO\KVMonXP.kxp: [Debugger] ntsd -d
IFEO\KVMonXP_1.kxp: [Debugger] ntsd -d
IFEO\kvol.exe: [Debugger] ntsd -d
IFEO\kvolself.exe: [Debugger] ntsd -d
IFEO\KvReport.kxp: [Debugger] ntsd -d
IFEO\KVScan.kxp: [Debugger] ntsd -d
IFEO\KVSrvXP.exe: [Debugger] ntsd -d
IFEO\KVStub.kxp: [Debugger] ntsd -d
IFEO\kvupload.exe: [Debugger] ntsd -d
IFEO\kvwsc.exe: [Debugger] ntsd -d
IFEO\KvXP.kxp: [Debugger] ntsd -d
IFEO\KvXP_1.kxp: [Debugger] ntsd -d
IFEO\KWatch.exe: [Debugger] ntsd -d
IFEO\KWatch9x.exe: [Debugger] ntsd -d
IFEO\KWatchX.exe: [Debugger] ntsd -d
IFEO\LiveUpdate360.exe: [Debugger] ntsd -d
IFEO\loaddll.exe: [Debugger] ntsd -d
IFEO\MagicSet.exe: [Debugger] ntsd -d
IFEO\mcconsol.exe: [Debugger] ntsd -d
IFEO\mmqczj.exe: [Debugger] ntsd -d
IFEO\mmsk.exe: [Debugger] ntsd -d
IFEO\NAVSetup.exe: [Debugger] ntsd -d
IFEO\nod32krn.exe: [Debugger] ntsd -d
IFEO\nod32kui.exe: [Debugger] ntsd -d
IFEO\PFW.exe: [Debugger] ntsd -d
IFEO\PFWLiveUpdate.exe: [Debugger] ntsd -d
IFEO\QHSET.exe: [Debugger] ntsd -d
IFEO\Ras.exe: [Debugger] ntsd -d
IFEO\Rav.exe: [Debugger] ntsd -d
IFEO\RavCopy.exe: [Debugger] ntsd -d
IFEO\RavMon.exe: [Debugger] ntsd -d
IFEO\RavMonD.exe: [Debugger] ntsd -d
IFEO\RavStore.exe: [Debugger] ntsd -d
IFEO\RavStub.exe: [Debugger] ntsd -d
IFEO\ravt08.exe: [Debugger] ntsd -d
IFEO\RavTask.exe: [Debugger] ntsd -d
IFEO\RegClean.exe: [Debugger] ntsd -d
IFEO\RegEx.exe: [Debugger] ntsd -d
IFEO\rfwcfg.exe: [Debugger] ntsd -d
IFEO\RfwMain.exe: [Debugger] ntsd -d
IFEO\rfwolusr.exe: [Debugger] ntsd -d
IFEO\rfwProxy.exe: [Debugger] ntsd -d
IFEO\rfwsrv.exe: [Debugger] ntsd -d
IFEO\RsAgent.exe: [Debugger] ntsd -d
IFEO\Rsaupd.exe: [Debugger] ntsd -d
IFEO\RsMain.exe: [Debugger] ntsd -d
IFEO\rsnetsvr.exe: [Debugger] ntsd -d
IFEO\RSTray.exe: [Debugger] ntsd -d
IFEO\runiep.exe: [Debugger] ntsd -d
IFEO\safebank.exe: [Debugger] ntsd -d
IFEO\safeboxTray.exe: [Debugger] ntsd -d
IFEO\safelive.exe: [Debugger] ntsd -d
IFEO\scan32.exe: [Debugger] ntsd -d
IFEO\ScanFrm.exe: [Debugger] ntsd -d
IFEO\shcfg32.exe: [Debugger] ntsd -d
IFEO\smartassistant.exe: [Debugger] ntsd -d
IFEO\SmartUp.exe: [Debugger] ntsd -d
IFEO\SREng.exe: [Debugger] ntsd -d
IFEO\SREngPS.exe: [Debugger] ntsd -d
IFEO\symlcsvc.exe: [Debugger] ntsd -d
IFEO\syscheck.exe: [Debugger] ntsd -d
IFEO\Syscheck2.exe: [Debugger] ntsd -d
IFEO\SysSafe.exe: [Debugger] ntsd -d
IFEO\ToolsUp.exe: [Debugger] ntsd -d
IFEO\TrojanDetector.exe: [Debugger] ntsd -d
IFEO\Trojanwall.exe: [Debugger] ntsd -d
IFEO\TrojDie.kxp: [Debugger] ntsd -d
IFEO\UIHost.exe: [Debugger] ntsd -d
IFEO\UmxAgent.exe: [Debugger] ntsd -d
IFEO\UmxAttachment.exe: [Debugger] ntsd -d
IFEO\UmxCfg.exe: [Debugger] ntsd -d
IFEO\UmxFwHlp.exe: [Debugger] ntsd -d
IFEO\UmxPol.exe: [Debugger] ntsd -d
IFEO\UpLive.exe: [Debugger] ntsd -d
IFEO\WoptiClean.exe: [Debugger] ntsd -d
IFEO\zxsweep.exe: [Debugger] ntsd -d
Startup: C:\Documents and Settings\redouan\Menu Démarrer\Programmes\Démarrage\qokyamac.exe [2015-05-05] ()
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe,,C:\Program Files\DjrRJElI\qokyamac.exe
2015-05-05 10:32 - 2015-05-05 10:32 - 00000000 ____D () C:\Program Files\DjrRJElI
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis :
Fais un scan en ligne NOD32 : https://www.malekal.com/scan-antivirus-ligne-nod32/#NOD32
Enregistre le rapport
Envoie le sur http://pjjoint.malekal.com
Donne le lien ici.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
rebonjour,
pour le fichier C:\Program Files\DjrRJElI\qokyamac.exe>>>je n arrive pas a ouvrir C
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-05-2015
Ran by redouan at 2015-05-20 20:03:37 Run:1
Running from C:\Documents and Settings\redouan\Bureau
Loaded Profiles: redouan (Available profiles: redouan)
Boot Mode: Normal
==============================================
Content of fixlist:
IFEO\360hotfix.exe: [Debugger] ntsd -d
IFEO\360rpt.exe: [Debugger] ntsd -d
IFEO\360Safe.exe: [Debugger] ntsd -d
IFEO\360safebox.exe: [Debugger] ntsd -d
IFEO\360tray.exe: [Debugger] ntsd -d
IFEO\adam.exe: [Debugger] ntsd -d
IFEO\AgentSvr.exe: [Debugger] ntsd -d
IFEO\AntiArp.exe: [Debugger] ntsd -d
IFEO\AppSvc32.exe: [Debugger] ntsd -d
IFEO\arvmon.exe: [Debugger] ntsd -d
IFEO\AutoGuarder.exe: [Debugger] ntsd -d
IFEO\autoruns.exe: [Debugger] ntsd -d
IFEO\avgrssvc.exe: [Debugger] ntsd -d
IFEO\AvMonitor.exe: [Debugger] ntsd -d
IFEO\avp.com: [Debugger] ntsd -d
IFEO\avp.exe: [Debugger] ntsd -d
IFEO\CCenter.exe: [Debugger] ntsd -d
IFEO\ccSvcHst.exe: [Debugger] ntsd -d
IFEO\FileDsty.exe: [Debugger] ntsd -d
IFEO\findt2005.exe: [Debugger] ntsd -d
IFEO\FTCleanerShell.exe: [Debugger] ntsd -d
IFEO\HijackThis.exe: [Debugger] ntsd -d
IFEO\IceSword.exe: [Debugger] ntsd -d
IFEO\iparmo.exe: [Debugger] ntsd -d
IFEO\Iparmor.exe: [Debugger] ntsd -d
IFEO\IsHelp.exe: [Debugger] ntsd -d
IFEO\isPwdSvc.exe: [Debugger] ntsd -d
IFEO\kabaload.exe: [Debugger] ntsd -d
IFEO\KaScrScn.SCR: [Debugger] ntsd -d
IFEO\KASMain.exe: [Debugger] ntsd -d
IFEO\KASTask.exe: [Debugger] ntsd -d
IFEO\KAV32.exe: [Debugger] ntsd -d
IFEO\KAVDX.exe: [Debugger] ntsd -d
IFEO\KAVPFW.exe: [Debugger] ntsd -d
IFEO\KAVSetup.exe: [Debugger] ntsd -d
IFEO\KAVStart.exe: [Debugger] ntsd -d
IFEO\killhidepid.exe: [Debugger] ntsd -d
IFEO\KISLnchr.exe: [Debugger] ntsd -d
IFEO\KMailMon.exe: [Debugger] ntsd -d
IFEO\KMFilter.exe: [Debugger] ntsd -d
IFEO\KPFW32.exe: [Debugger] ntsd -d
IFEO\KPFW32X.exe: [Debugger] ntsd -d
IFEO\KPFWSvc.exe: [Debugger] ntsd -d
IFEO\KRepair.COM: [Debugger] ntsd -d
IFEO\KsLoader.exe: [Debugger] ntsd -d
IFEO\KVCenter.kxp: [Debugger] ntsd -d
IFEO\KvDetect.exe: [Debugger] ntsd -d
IFEO\kvfw.exe: [Debugger] ntsd -d
IFEO\KvfwMcl.exe: [Debugger] ntsd -d
IFEO\KVMonXP.kxp: [Debugger] ntsd -d
IFEO\KVMonXP_1.kxp: [Debugger] ntsd -d
IFEO\kvol.exe: [Debugger] ntsd -d
IFEO\kvolself.exe: [Debugger] ntsd -d
IFEO\KvReport.kxp: [Debugger] ntsd -d
IFEO\KVScan.kxp: [Debugger] ntsd -d
IFEO\KVSrvXP.exe: [Debugger] ntsd -d
IFEO\KVStub.kxp: [Debugger] ntsd -d
IFEO\kvupload.exe: [Debugger] ntsd -d
IFEO\kvwsc.exe: [Debugger] ntsd -d
IFEO\KvXP.kxp: [Debugger] ntsd -d
IFEO\KvXP_1.kxp: [Debugger] ntsd -d
IFEO\KWatch.exe: [Debugger] ntsd -d
IFEO\KWatch9x.exe: [Debugger] ntsd -d
IFEO\KWatchX.exe: [Debugger] ntsd -d
IFEO\LiveUpdate360.exe: [Debugger] ntsd -d
IFEO\loaddll.exe: [Debugger] ntsd -d
IFEO\MagicSet.exe: [Debugger] ntsd -d
IFEO\mcconsol.exe: [Debugger] ntsd -d
IFEO\mmqczj.exe: [Debugger] ntsd -d
IFEO\mmsk.exe: [Debugger] ntsd -d
IFEO\NAVSetup.exe: [Debugger] ntsd -d
IFEO\nod32krn.exe: [Debugger] ntsd -d
IFEO\nod32kui.exe: [Debugger] ntsd -d
IFEO\PFW.exe: [Debugger] ntsd -d
IFEO\PFWLiveUpdate.exe: [Debugger] ntsd -d
IFEO\QHSET.exe: [Debugger] ntsd -d
IFEO\Ras.exe: [Debugger] ntsd -d
IFEO\Rav.exe: [Debugger] ntsd -d
IFEO\RavCopy.exe: [Debugger] ntsd -d
IFEO\RavMon.exe: [Debugger] ntsd -d
IFEO\RavMonD.exe: [Debugger] ntsd -d
IFEO\RavStore.exe: [Debugger] ntsd -d
IFEO\RavStub.exe: [Debugger] ntsd -d
IFEO\ravt08.exe: [Debugger] ntsd -d
IFEO\RavTask.exe: [Debugger] ntsd -d
IFEO\RegClean.exe: [Debugger] ntsd -d
IFEO\RegEx.exe: [Debugger] ntsd -d
IFEO\rfwcfg.exe: [Debugger] ntsd -d
IFEO\RfwMain.exe: [Debugger] ntsd -d
IFEO\rfwolusr.exe: [Debugger] ntsd -d
IFEO\rfwProxy.exe: [Debugger] ntsd -d
IFEO\rfwsrv.exe: [Debugger] ntsd -d
IFEO\RsAgent.exe: [Debugger] ntsd -d
IFEO\Rsaupd.exe: [Debugger] ntsd -d
IFEO\RsMain.exe: [Debugger] ntsd -d
IFEO\rsnetsvr.exe: [Debugger] ntsd -d
IFEO\RSTray.exe: [Debugger] ntsd -d
IFEO\runiep.exe: [Debugger] ntsd -d
IFEO\safebank.exe: [Debugger] ntsd -d
IFEO\safeboxTray.exe: [Debugger] ntsd -d
IFEO\safelive.exe: [Debugger] ntsd -d
IFEO\scan32.exe: [Debugger] ntsd -d
IFEO\ScanFrm.exe: [Debugger] ntsd -d
IFEO\shcfg32.exe: [Debugger] ntsd -d
IFEO\smartassistant.exe: [Debugger] ntsd -d
IFEO\SmartUp.exe: [Debugger] ntsd -d
IFEO\SREng.exe: [Debugger] ntsd -d
IFEO\SREngPS.exe: [Debugger] ntsd -d
IFEO\symlcsvc.exe: [Debugger] ntsd -d
IFEO\syscheck.exe: [Debugger] ntsd -d
IFEO\Syscheck2.exe: [Debugger] ntsd -d
IFEO\SysSafe.exe: [Debugger] ntsd -d
IFEO\ToolsUp.exe: [Debugger] ntsd -d
IFEO\TrojanDetector.exe: [Debugger] ntsd -d
IFEO\Trojanwall.exe: [Debugger] ntsd -d
IFEO\TrojDie.kxp: [Debugger] ntsd -d
IFEO\UIHost.exe: [Debugger] ntsd -d
IFEO\UmxAgent.exe: [Debugger] ntsd -d
IFEO\UmxAttachment.exe: [Debugger] ntsd -d
IFEO\UmxCfg.exe: [Debugger] ntsd -d
IFEO\UmxFwHlp.exe: [Debugger] ntsd -d
IFEO\UmxPol.exe: [Debugger] ntsd -d
IFEO\UpLive.exe: [Debugger] ntsd -d
IFEO\WoptiClean.exe: [Debugger] ntsd -d
IFEO\zxsweep.exe: [Debugger] ntsd -d
Startup: C:\Documents and Settings\redouan\Menu Démarrer\Programmes\Démarrage\qokyamac.exe [2015-05-05] ()
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe,,C:\Program Files\DjrRJElI\qokyamac.exe
2015-05-05 10:32 - 2015-05-05 10:32 - 00000000 ____D () C:\Program Files\DjrRJElI
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\360hotfix.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\360rpt.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\360Safe.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\360safebox.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\360tray.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\adam.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AgentSvr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AntiArp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AppSvc32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\arvmon.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AutoGuarder.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\autoruns.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgrssvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvMonitor.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.com" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CCenter.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ccSvcHst.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FileDsty.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\findt2005.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FTCleanerShell.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\HijackThis.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IceSword.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iparmo.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Iparmor.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IsHelp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\isPwdSvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kabaload.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KaScrScn.SCR" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KASMain.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KASTask.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KAV32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KAVDX.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KAVPFW.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KAVSetup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KAVStart.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\killhidepid.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KISLnchr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KMailMon.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KMFilter.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KPFW32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KPFW32X.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KPFWSvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KRepair.COM" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KsLoader.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVCenter.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KvDetect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kvfw.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KvfwMcl.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVMonXP.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVMonXP_1.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kvol.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kvolself.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KvReport.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVScan.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVSrvXP.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVStub.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kvupload.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kvwsc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KvXP.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KvXP_1.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KWatch.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KWatch9x.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KWatchX.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\LiveUpdate360.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\loaddll.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MagicSet.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mcconsol.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mmqczj.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mmsk.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\NAVSetup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nod32krn.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nod32kui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PFW.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PFWLiveUpdate.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\QHSET.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Ras.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Rav.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavCopy.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavMon.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavMonD.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavStore.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavStub.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ravt08.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavTask.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RegClean.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RegEx.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rfwcfg.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RfwMain.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rfwolusr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rfwProxy.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rfwsrv.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RsAgent.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Rsaupd.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RsMain.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rsnetsvr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RSTray.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\runiep.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\safebank.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\safeboxTray.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\safelive.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\scan32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ScanFrm.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\shcfg32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\smartassistant.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SmartUp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SREng.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SREngPS.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\symlcsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\syscheck.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Syscheck2.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SysSafe.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ToolsUp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TrojanDetector.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Trojanwall.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TrojDie.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UIHost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UmxAgent.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UmxAttachment.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UmxCfg.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UmxFwHlp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UmxPol.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UpLive.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WoptiClean.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zxsweep.exe" => Key deleted successfully.
C:\Documents and Settings\redouan\Menu Démarrer\Programmes\Démarrage\qokyamac.exe => Moved successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully.
C:\Program Files\DjrRJElI => Moved successfully.
pour le fichier C:\Program Files\DjrRJElI\qokyamac.exe>>>je n arrive pas a ouvrir C
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-05-2015
Ran by redouan at 2015-05-20 20:03:37 Run:1
Running from C:\Documents and Settings\redouan\Bureau
Loaded Profiles: redouan (Available profiles: redouan)
Boot Mode: Normal
==============================================
Content of fixlist:
IFEO\360hotfix.exe: [Debugger] ntsd -d
IFEO\360rpt.exe: [Debugger] ntsd -d
IFEO\360Safe.exe: [Debugger] ntsd -d
IFEO\360safebox.exe: [Debugger] ntsd -d
IFEO\360tray.exe: [Debugger] ntsd -d
IFEO\adam.exe: [Debugger] ntsd -d
IFEO\AgentSvr.exe: [Debugger] ntsd -d
IFEO\AntiArp.exe: [Debugger] ntsd -d
IFEO\AppSvc32.exe: [Debugger] ntsd -d
IFEO\arvmon.exe: [Debugger] ntsd -d
IFEO\AutoGuarder.exe: [Debugger] ntsd -d
IFEO\autoruns.exe: [Debugger] ntsd -d
IFEO\avgrssvc.exe: [Debugger] ntsd -d
IFEO\AvMonitor.exe: [Debugger] ntsd -d
IFEO\avp.com: [Debugger] ntsd -d
IFEO\avp.exe: [Debugger] ntsd -d
IFEO\CCenter.exe: [Debugger] ntsd -d
IFEO\ccSvcHst.exe: [Debugger] ntsd -d
IFEO\FileDsty.exe: [Debugger] ntsd -d
IFEO\findt2005.exe: [Debugger] ntsd -d
IFEO\FTCleanerShell.exe: [Debugger] ntsd -d
IFEO\HijackThis.exe: [Debugger] ntsd -d
IFEO\IceSword.exe: [Debugger] ntsd -d
IFEO\iparmo.exe: [Debugger] ntsd -d
IFEO\Iparmor.exe: [Debugger] ntsd -d
IFEO\IsHelp.exe: [Debugger] ntsd -d
IFEO\isPwdSvc.exe: [Debugger] ntsd -d
IFEO\kabaload.exe: [Debugger] ntsd -d
IFEO\KaScrScn.SCR: [Debugger] ntsd -d
IFEO\KASMain.exe: [Debugger] ntsd -d
IFEO\KASTask.exe: [Debugger] ntsd -d
IFEO\KAV32.exe: [Debugger] ntsd -d
IFEO\KAVDX.exe: [Debugger] ntsd -d
IFEO\KAVPFW.exe: [Debugger] ntsd -d
IFEO\KAVSetup.exe: [Debugger] ntsd -d
IFEO\KAVStart.exe: [Debugger] ntsd -d
IFEO\killhidepid.exe: [Debugger] ntsd -d
IFEO\KISLnchr.exe: [Debugger] ntsd -d
IFEO\KMailMon.exe: [Debugger] ntsd -d
IFEO\KMFilter.exe: [Debugger] ntsd -d
IFEO\KPFW32.exe: [Debugger] ntsd -d
IFEO\KPFW32X.exe: [Debugger] ntsd -d
IFEO\KPFWSvc.exe: [Debugger] ntsd -d
IFEO\KRepair.COM: [Debugger] ntsd -d
IFEO\KsLoader.exe: [Debugger] ntsd -d
IFEO\KVCenter.kxp: [Debugger] ntsd -d
IFEO\KvDetect.exe: [Debugger] ntsd -d
IFEO\kvfw.exe: [Debugger] ntsd -d
IFEO\KvfwMcl.exe: [Debugger] ntsd -d
IFEO\KVMonXP.kxp: [Debugger] ntsd -d
IFEO\KVMonXP_1.kxp: [Debugger] ntsd -d
IFEO\kvol.exe: [Debugger] ntsd -d
IFEO\kvolself.exe: [Debugger] ntsd -d
IFEO\KvReport.kxp: [Debugger] ntsd -d
IFEO\KVScan.kxp: [Debugger] ntsd -d
IFEO\KVSrvXP.exe: [Debugger] ntsd -d
IFEO\KVStub.kxp: [Debugger] ntsd -d
IFEO\kvupload.exe: [Debugger] ntsd -d
IFEO\kvwsc.exe: [Debugger] ntsd -d
IFEO\KvXP.kxp: [Debugger] ntsd -d
IFEO\KvXP_1.kxp: [Debugger] ntsd -d
IFEO\KWatch.exe: [Debugger] ntsd -d
IFEO\KWatch9x.exe: [Debugger] ntsd -d
IFEO\KWatchX.exe: [Debugger] ntsd -d
IFEO\LiveUpdate360.exe: [Debugger] ntsd -d
IFEO\loaddll.exe: [Debugger] ntsd -d
IFEO\MagicSet.exe: [Debugger] ntsd -d
IFEO\mcconsol.exe: [Debugger] ntsd -d
IFEO\mmqczj.exe: [Debugger] ntsd -d
IFEO\mmsk.exe: [Debugger] ntsd -d
IFEO\NAVSetup.exe: [Debugger] ntsd -d
IFEO\nod32krn.exe: [Debugger] ntsd -d
IFEO\nod32kui.exe: [Debugger] ntsd -d
IFEO\PFW.exe: [Debugger] ntsd -d
IFEO\PFWLiveUpdate.exe: [Debugger] ntsd -d
IFEO\QHSET.exe: [Debugger] ntsd -d
IFEO\Ras.exe: [Debugger] ntsd -d
IFEO\Rav.exe: [Debugger] ntsd -d
IFEO\RavCopy.exe: [Debugger] ntsd -d
IFEO\RavMon.exe: [Debugger] ntsd -d
IFEO\RavMonD.exe: [Debugger] ntsd -d
IFEO\RavStore.exe: [Debugger] ntsd -d
IFEO\RavStub.exe: [Debugger] ntsd -d
IFEO\ravt08.exe: [Debugger] ntsd -d
IFEO\RavTask.exe: [Debugger] ntsd -d
IFEO\RegClean.exe: [Debugger] ntsd -d
IFEO\RegEx.exe: [Debugger] ntsd -d
IFEO\rfwcfg.exe: [Debugger] ntsd -d
IFEO\RfwMain.exe: [Debugger] ntsd -d
IFEO\rfwolusr.exe: [Debugger] ntsd -d
IFEO\rfwProxy.exe: [Debugger] ntsd -d
IFEO\rfwsrv.exe: [Debugger] ntsd -d
IFEO\RsAgent.exe: [Debugger] ntsd -d
IFEO\Rsaupd.exe: [Debugger] ntsd -d
IFEO\RsMain.exe: [Debugger] ntsd -d
IFEO\rsnetsvr.exe: [Debugger] ntsd -d
IFEO\RSTray.exe: [Debugger] ntsd -d
IFEO\runiep.exe: [Debugger] ntsd -d
IFEO\safebank.exe: [Debugger] ntsd -d
IFEO\safeboxTray.exe: [Debugger] ntsd -d
IFEO\safelive.exe: [Debugger] ntsd -d
IFEO\scan32.exe: [Debugger] ntsd -d
IFEO\ScanFrm.exe: [Debugger] ntsd -d
IFEO\shcfg32.exe: [Debugger] ntsd -d
IFEO\smartassistant.exe: [Debugger] ntsd -d
IFEO\SmartUp.exe: [Debugger] ntsd -d
IFEO\SREng.exe: [Debugger] ntsd -d
IFEO\SREngPS.exe: [Debugger] ntsd -d
IFEO\symlcsvc.exe: [Debugger] ntsd -d
IFEO\syscheck.exe: [Debugger] ntsd -d
IFEO\Syscheck2.exe: [Debugger] ntsd -d
IFEO\SysSafe.exe: [Debugger] ntsd -d
IFEO\ToolsUp.exe: [Debugger] ntsd -d
IFEO\TrojanDetector.exe: [Debugger] ntsd -d
IFEO\Trojanwall.exe: [Debugger] ntsd -d
IFEO\TrojDie.kxp: [Debugger] ntsd -d
IFEO\UIHost.exe: [Debugger] ntsd -d
IFEO\UmxAgent.exe: [Debugger] ntsd -d
IFEO\UmxAttachment.exe: [Debugger] ntsd -d
IFEO\UmxCfg.exe: [Debugger] ntsd -d
IFEO\UmxFwHlp.exe: [Debugger] ntsd -d
IFEO\UmxPol.exe: [Debugger] ntsd -d
IFEO\UpLive.exe: [Debugger] ntsd -d
IFEO\WoptiClean.exe: [Debugger] ntsd -d
IFEO\zxsweep.exe: [Debugger] ntsd -d
Startup: C:\Documents and Settings\redouan\Menu Démarrer\Programmes\Démarrage\qokyamac.exe [2015-05-05] ()
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe,,C:\Program Files\DjrRJElI\qokyamac.exe
2015-05-05 10:32 - 2015-05-05 10:32 - 00000000 ____D () C:\Program Files\DjrRJElI
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\360hotfix.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\360rpt.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\360Safe.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\360safebox.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\360tray.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\adam.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AgentSvr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AntiArp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AppSvc32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\arvmon.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AutoGuarder.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\autoruns.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgrssvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvMonitor.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.com" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CCenter.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ccSvcHst.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FileDsty.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\findt2005.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FTCleanerShell.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\HijackThis.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IceSword.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iparmo.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Iparmor.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IsHelp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\isPwdSvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kabaload.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KaScrScn.SCR" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KASMain.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KASTask.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KAV32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KAVDX.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KAVPFW.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KAVSetup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KAVStart.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\killhidepid.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KISLnchr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KMailMon.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KMFilter.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KPFW32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KPFW32X.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KPFWSvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KRepair.COM" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KsLoader.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVCenter.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KvDetect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kvfw.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KvfwMcl.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVMonXP.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVMonXP_1.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kvol.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kvolself.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KvReport.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVScan.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVSrvXP.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KVStub.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kvupload.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kvwsc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KvXP.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KvXP_1.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KWatch.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KWatch9x.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\KWatchX.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\LiveUpdate360.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\loaddll.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MagicSet.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mcconsol.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mmqczj.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mmsk.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\NAVSetup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nod32krn.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nod32kui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PFW.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PFWLiveUpdate.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\QHSET.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Ras.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Rav.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavCopy.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavMon.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavMonD.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavStore.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavStub.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ravt08.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RavTask.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RegClean.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RegEx.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rfwcfg.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RfwMain.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rfwolusr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rfwProxy.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rfwsrv.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RsAgent.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Rsaupd.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RsMain.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rsnetsvr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RSTray.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\runiep.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\safebank.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\safeboxTray.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\safelive.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\scan32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ScanFrm.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\shcfg32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\smartassistant.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SmartUp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SREng.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SREngPS.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\symlcsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\syscheck.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Syscheck2.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SysSafe.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ToolsUp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TrojanDetector.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Trojanwall.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TrojDie.kxp" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UIHost.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UmxAgent.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UmxAttachment.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UmxCfg.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UmxFwHlp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UmxPol.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UpLive.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WoptiClean.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zxsweep.exe" => Key deleted successfully.
C:\Documents and Settings\redouan\Menu Démarrer\Programmes\Démarrage\qokyamac.exe => Moved successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully.
C:\Program Files\DjrRJElI => Moved successfully.
