Pc qui rame et page qui se fige trop de pc
nicky
-
nicky -
nicky -
Bonjour,
je ne connais pas grand chose j ai mon pcqui rame beaucoup et quand j' ouvre une page elle se fige et je suis obligé d'éteindre mon pc trop de temps pour ecrire cette phrase car mon pc bloque merci de m'aider ca fait des jours que je galére merci
je ne connais pas grand chose j ai mon pcqui rame beaucoup et quand j' ouvre une page elle se fige et je suis obligé d'éteindre mon pc trop de temps pour ecrire cette phrase car mon pc bloque merci de m'aider ca fait des jours que je galére merci
A voir également:
- Pc qui rame et page qui se fige trop de pc
- Pc qui rame - Guide
- Reinitialiser pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Double ecran pc - Guide
- Forcer demarrage pc - Guide
40 réponses
ok fais ça :
Télécharge Clean:
-> http://www.malekal.com/download/clean.zip
-> Dézippe tout le contenu dans un dossier que tu auras cré au préalable (sur ton bureau par exemple). Double clic sur clean ou clean.cmd choisie l'option 1.
Un rapport va s'ouvrir, copie et colle le contenu sur le forum.
-> pour ceux ou celles qui auraient un doute sur comment deziper un fichier :
http://www.tutopat.com/viewtopic.php?t=933&sid=34215b238376bfb22ef9e8eca9995914
Télécharge Clean:
-> http://www.malekal.com/download/clean.zip
-> Dézippe tout le contenu dans un dossier que tu auras cré au préalable (sur ton bureau par exemple). Double clic sur clean ou clean.cmd choisie l'option 1.
Un rapport va s'ouvrir, copie et colle le contenu sur le forum.
-> pour ceux ou celles qui auraient un doute sur comment deziper un fichier :
http://www.tutopat.com/viewtopic.php?t=933&sid=34215b238376bfb22ef9e8eca9995914
nicky
je sais pas si j'ai bien fait cela me met que des dossier
oui c est que que je fait@echo off
rem Par Malekal_morte
rem translation by Ruby
rem Suppression de fichiers utilises par des malwares
set ver=Rapport clean par Malekal_morte - http://www.malekal.com
set lang=int
if exist "%userprofile%\Bureau" ( set lang=fra )
if exist "Programme\Gemeinsame Dateien\" ( set lang = de )
if %lang%==fra (
set noexist1=Des fichiers sont manquants, avez-vous bien decompresse toute l'archive?
set noexist2=Le script ne peut continuer a s'executer..
set translation=traduction par Ruby
set menu= Choisissez l'une des options suivantes :
set menu1= 1. Recherche de fichiers infectieux
set menu2= 2. Nettoyage des fichiers infectieux
set menu3= Q. Quitter
set cherche=La recherche debute.. Ceci peut prendre plusieurs minutes.. Soyez PATIENT !!!
set cherche2=Option 1, executee le
set warning=Clean va supprimer les fichiers et dossiers connus pour etre des malwares.
set warning2=Il est recommande d'utiliser cette option avec un expert a partir de forum de securite tel que :
set forum=http://forum.malekal.com
set forum2=https://forum.zebulon.fr/
set forum3=http://forum.telecharger.01net.com/forum/
set patient=Merci de bien vouloir patienter et d'attendre le message disant que le programme a termine.
set mode=Script execute en mode normal
set modealerte=Vous tentez d'executer le script en mode normal, il est recommande de le faire en mode sans echec
set modealerte1=Option 2, execute le
set modealerte2=Script execute en mode sans echec
set desfichiers=des fichiers dans
set registre=Suppression des clefs du registre..
set registre2=Suppression des clefs du registre effectuee..
set findurapport=*** Fin du rapport !
set termine=Termine.... !
set rapport=Le rapport de scan va s'ouvrir.
set enregistrerrapport=Vous pouvez l'enregistrer sur le bureau ^(Menu Fichier / enregistrer-sous^) afin de coller le contenu du rapport.
)
if %lang%==de (
set noexist1=Dateien fehlen, haben Sie das ganze Archiv entpackt?
set noexist2=Das Skript kann nicht weiter ausgeführt werden..
set translation=Ein Dankeschön an Ruby
set menu= Wählen Sie eine der folgenden Optionen :
set menu1= 1. Suche nach infektiösen Dateien
set menu2= 2. Reinigung der infektiösen Dateien
set menu3= Q. Beenden
set cherche=Die Suche beginnt.. Das kann einige Minuten dauern.. Seien Sie geduldig !!!
set cherche2=Eingabe %Datum% und %Zeit%
set warning=Clean wird die Dateien und Ordner, die als Malware bekannt sind, entfernen.
set warning2=Es wird empfohlen, diese Option nach Anweisung eines Experten folgender Foren anzuwenden:
set forum=http://forum.malekal.com
set forum2=
set forum3=
set patient=Dies dauert einige Zeit. Bitte haben Sie Geduld und warten Sie auf die Meldung, dass es beendet ist.
set mode=Skript im normalen Modus ausgeführt
set modealerte=Sie versuchen das Skript im normalen Modus auszuführen, der abgesicherte Modus ist erforderlich.
set modealerte2=Skript im abgesicherten Modus ausgeführt
set desfichiers=Dateien auf dem
set registre=Entfernung der Registrierungsschlüssel..
set registre2=Entfernung der Registrierungsschlüssel erfolgreich..
set findurapport=*** Ende des Berichts !
set termine=Ende des Berichts !
set rapport=Der Sxan Bericht wird sich nun öffnen.
set enregistrerrapport=Sie können ihn auf dem Desktop abspeichern ^(Menu Dateien / speichern als^) wenn Sie den Inhalt des Berichtes kopiert haben.
)
if %lang%==int (
set noexist1=files missed, did you unzip the whole archive?
set noexist2=The Script can not further be executed..
set translation=translation by Ruby
set menu= Choose one of the following Options :
set menu1= 1. Search for infected files
set menu2= 2. Cleaning of the infected files
set menu3= Q. Complete
set cherche=The search is starting.. This can last some minutes.. Please be patient !!!
set cherche2=Option 1, executee le
set warning=Clean will delete all those files and folders which are known to be malware.
set warning2=It is recommended, to apply this option after instruction of an expert of one the following forums:
set forum=https://www.malwareremoval.com/
set forum2=http://www.geekstogo.com/forum/index.php
set forum3=http://ww25.forums.spywareinfo.com/
set patient=This will last some time. Please be patient and wait until you get the message that it's finished.
set mode=Script executed in Normal Mode
set modealerte=You try to execute the script in Normal Mode, Safe Mode is required.
set modealerte1=Option 2, Enter
set modealerte2=Script executed in Safe Mode
set findurapport=files on
set registre=Deletion of the registry keys..
set registre2=Deletion of the registry keys successful..
set termine=Terminated.... !
set findurapport=*** End of the report !
set rapport=The scan report will open now.
set enregistrerrapport=You can save the report ^(Menu Files / Save as^) please copy the content of this reportfile first.
)
if not exist del2.cmd (
echo %noexist1%
echo %noexist2%
pause
goto end2
)
if exist %systemdrive%\rapport_clean.txt del /F /Q %systemdrive%\rapport_clean.txt
:menu
cls
set fixvers=v1.00
set auteur=Malekal_morte
echo.
echo.
echo Clean %fixvers% par Malekal_morte
echo %translation%
echo.
echo.
echo.
echo %menu%
echo.
echo %menu1%
echo %menu2%
echo %menu3%
echo.
echo --- http://www.malekal.com ---
echo.
echo.
echo.
) else (
set ChoixMenu=''
set /p ChoixMenu=%sChoice% (1,2,3,Q) :
if '%ChoixMenu%'=='q' GOTO exit
if '%ChoixMenu%'=='Q' GOTO exit
if '%ChoixMenu%'=='1' GOTO chercher
if '%ChoixMenu%'=='2' GOTO clean
goto menu
:chercher
set commande=cherche
set commande2=cherche
set commande3=cherche
set commande4=cherche
set action=Recherche
echo.
echo %cherche%
echo %chercher2% %date% a %time% >> %systemdrive%\rapport_clean.txt
goto go
:clean
set commande=del2
set commande2=del3
set commande3=delr
set commande4=delsiri
set action=Suppression
echo %cherche%
cls
echo %warning%
echo.
set %warning2%
set %forum%
set %forum2%
set %forum3%
echo.
echo %patient%
echo.
pause
echo.
if not defined safeboot_option (
echo %mode%
echo %modealerte%
pause
echo.
)
if defined safeboot_option echo %modealerte2% >> %systemdrive%\rapport_clean.txt
echo %ver% >> %systemdrive%\rapport_clean.txt
echo %modealerte1%
echo %modealerte2% %date% a %time% >> %systemdrive%\rapport_clean.txt
ver >> %systemdrive%\rapport_clean.txt
goto go
:go
echo. >> %systemdrive%\rapport_clean.txt
echo *** %action% %desfichiers% %systemdrive% >> %systemdrive%\rapport_clean.txt
call %commande% %systemdrive%\mideerase.exe
call %commande% %windir%\System32\KAT.vbs
call %commande% %windir%\System32\KAT.vbs
call %commande% "%ALLUSERSPROFILE%\Start Menu\Programs\Startup\Startup.vbs"
call %commande% "%windir%\Start Menu\Programs\Startup\Starup.vbs"
call %commande% %systemdrive%\KAT.vbs
call %commande% %windir%\system32\drivers\etc\KAT.vbs
call %commande% %windir%\system\KAT.vbs
call %commande% "%USERPROFILE%\Desktop\KAT.vbs"
call %commande% %windir%\My Downloads\KAT.vbs
call %commande% "%windir%\My Shared Folder\KAT.vbs"
call %commande% "%USERPROFILE%\Bureau\KAT.vbs"
call %commande% %windir%\system32\autorun.bat
call %commande% %windir%\system32\autorun.vbs
call %commande% %systemdrive%\autorun.bat
call %commande% %systemdrive%\autorun.V00bat
call %commande% %systemdrive%\autorun.V00vbs
call %commande% %systemdrive%\autorun.V00Vvbs
call %commande% %systemdrive%\autorun.V00VVvbs
call %commande% %systemdrive%\autorun.Vbat
call %commande% %systemdrive%\autorun.vbs
call %commande% %systemdrive%\autorun.VVbat
call %commande% %systemdrive%\autorun.Vvbs
call %commande% %systemdrive%\autorun.VVvbs
call %commande% %systemdrive%\autorun.VVVvbs
call %commande% "%systemdrive%\Arquivos de programas\GbpSvc.exe"
call %commande4% %systemdrive%\AdultScreenSaver\
call %commande4% %systemdrive%\FastCleaner\
call %commande% %systemdrive%\autorun.inf
call %commande% %systemdrive%\36110103225565*.exe
call %commande% %systemdrive%\gcue.exe
call %commande% %systemdrive%\gcue?????.exe
call %commande% %systemdrive%\xfeq.exe
call %commande% %systemdrive%\qoiy.exe
call %commande% %systemdrive%\egnt.exe
call %commande% %systemdrive%\tel.exe
call %commande% %systemdrive%\isetup.exe
call %commande% %systemdrive%\mi.exe
call %commande% %systemdrive%\namn.exe
call %commande% %systemdrive%\lwqojwt.exe
call %commande% %systemdrive%\0xf9.exe
call %commande% %systemdrive%\a.bat
call %commande% %systemdrive%\abcd.exe
call %commande% %systemdrive%\ac?_????.exe
call %commande% %systemdrive%\adj.exe
call %commande% %systemdrive%\anad.exe
call %commande% %systemdrive%\a.exe
call %commande% %systemdrive%\at.exe
call %commande% %systemdrive%\AntiVirScan.exe
call %commande% %systemdrive%\auji.exe
call %commande% %systemdrive%\autorun.exe
call %commande% %systemdrive%\axexx.chm
call %commande% %systemdrive%\bdyrasbn.exe
call %commande% %systemdrive%\bvc.exe
call %commande% %systemdrive%\bsw.exe
call %commande% %systemdrive%\chwio.exe
call %commande% "%systemdrive%\Christina Aguilera.vbs"
call %commande% %systemdrive%\colpg.exe
call %commande% %systemdrive%\Colo2.exe
call %commande% %systemdrive%\crpbubf.exe
call %commande% %systemdrive%\defender???.exe
call %commande% %systemdrive%\defender??.exe
call %commande% %systemdrive%\der32.exe
call %commande% %systemdrive%\deskbar.exe
call %commande% %systemdrive%\deskbar*.exe
call %commande% %systemdrive%\dfndr*.exe
call %commande% %systemdrive%\dihd.exe
call %commande% %systemdrive%\dinst.exe
call %commande% %systemdrive%\diugwlxw.exe
call %commande% %systemdrive%\dfndrff_*.exe
call %commande% %systemdrive%\documents.exe
call %commande% %systemdrive%\dokey32.exe
call %commande% %systemdrive%\dollarrev.exe
call %commande% %systemdrive%\DXC?????.exe
call %commande3% %systemdrive%\DriverLoad\
call %commande% %systemdrive%\drsmartload.exe
call %commande% %systemdrive%\drsmartload*.exe
call %commande% %systemdrive%\dwin.exe
call %commande% %systemdrive%\DXC9.exe
call %commande% %systemdrive%\ecfcvj.exe
call %commande% %systemdrive%\eied_s7.cab
call %commande% %systemdrive%\ejybp.exe
call %commande% %systemdrive%\ev?.exe
call %commande% %systemdrive%\ex.cab
call %commande% %systemdrive%\explorer1.exe
call %commande% %systemdrive%\exo??.exe
call %commande% %systemdrive%\fastfreexx01.exe
call %commande% %systemdrive%\fjjkivnw.exe
call %commande% %systemdrive%\fthuw.exe
call %commande% %systemdrive%\fushd.exe
call %commande% %systemdrive%\fwpbamr.exe
call %commande% %systemdrive%\g.exe
call %commande% %systemdrive%\ghgk.exe
call %commande% %systemdrive%\gimmysmileys*.exe
call %commande% %systemdrive%\g7n4l2o4i4.exe
call %commande% %systemdrive%\hxdef100.exe
call %commande% %systemdrive%\hxdefdrv.sys
call %commande% %systemdrive%\handydriver.exe
call %commande% %systemdrive%\hfkmx.exe
call %commande% %systemdrive%\hgpsn.exe
call %commande% %systemdrive%\host.exe
call %commande% %systemdrive%\Installer*.exe
call %commande% %systemdrive%\kb17.exe
call %commande% %systemdrive%\kbwvqps.exe
call %commande% %systemdrive%\kwypcui.exe
call %commande% %systemdrive%\keyboard*.exe
call %commande% %systemdrive%\kybr*.exe
call %commande% %systemdrive%\kl?.exe
call %commande% %systemdrive%\kmd.exe
call %commande% %systemdrive%\knmbird.exe
call %commande% %systemdrive%\explorer.exe
call %commande% %systemdrive%\fra.exe
call %commande% %systemdrive%\host.exe
call %commande% %systemdrive%\icooloader.exe
call %commande% %systemdrive%\imwv.exe
call %commande% %systemdrive%\Installer?.exe
call %commande% %systemdrive%\lewl.exe
call %commande% %systemdrive%\powpip.exe
call %commande% %systemdrive%\mc44a?.exe
call %commande% %systemdrive%\mc44a*.exe
call %commande% %systemdrive%\M*DoxNg.exe
call %commande% %systemdrive%\Mendoza?.exe
call %commande% %systemdrive%\mediacon.exe
call %commande% %systemdrive%\mousepad*.exe
call %commande% %systemdrive%\mnmunkw.exe
call %commande% %systemdrive%\ms?.exe
call %commande% %systemdrive%\msgs.exe
call %commande% %systemdrive%\ms???.exe
call %commande% %systemdrive%\mtdx.exe
call %commande% %systemdrive%\MTE*NDI6ODoxNg.exe
call %commande% %systemdrive%\MTE*NDI6ODoxNg*.exe
call %commande% %systemdrive%\mv.exe
call %commande% %systemdrive%\my.exe
call %commande% %systemdrive%\myvbs.vbs
call %commande% %systemdrive%\nades.exe
call %commande% %systemdrive%\nergy.exe
call %commande% %systemdrive%\nds.exe
call %commande% %systemdrive%\newname*.exe
call %commande% %systemdrive%\mnswpr.exe
call %commande% %systemdrive%\msnchecke?.exe
call %commande% %systemdrive%\ntsuji.exe
call %commande% %systemdrive%\no-ip.exe
call %commande% %systemdrive%\nwnm*.exe
call %commande% %systemdrive%\*ff_??.exe
call %commande% %systemdrive%\plplo.exe
call %commande% %systemdrive%\pp4ico.exe
call %commande% %systemdrive%\PPL.exe
call %commande% %systemdrive%\Program?.exe
call %commande% %systemdrive%\prosys32.exe
call %commande% %systemdrive%\qhyo.exe
call %commande% %systemdrive%\qkqqx.exe
call %commande% %systemdrive%\q?win32.exe
call %commande% %systemdrive%\Ralia Odinga.exe
call %commande% %systemdrive%\Ralia Odinga.pif
call %commande% %systemdrive%\RDFX?.exe
call %commande% %systemdrive%\secure32.html
call %commande% %systemdrive%\setup.exe
call %commande% %systemdrive%\soqc.exe
call %commande% %systemdrive%\sk??.exe
call %commande% %systemdrive%\smss.exe
call %commande% %systemdrive%\stub_*_?_?_*.exe
call %commande% %systemdrive%\SSVICHOSST.exe
call %commande% %systemdrive%\system.exe
call %commande% %systemdrive%\t9.exe
call %commande% %systemdrive%\timed.exe
call %commande% %systemdrive%\tool?.exe
call %commande% %systemdrive%\setup.exe
call %commande% %systemdrive%\sxe?.tmp
call %commande% %systemdrive%\SnowballWarsInstaller.exe
call %commande% %systemdrive%\SS1001newer.exe
call %commande% %systemdrive%\stub_*newer.exe
call %commande% %systemdrive%\StubInstaller.exe
call %commande% %systemdrive%\svbgk.exe
call %commande% %systemdrive%\syst.exe
call %commande% %systemdrive%\t.inx
call %commande% %systemdrive%\us00.exe
call %commande% %systemdrive%\??.xls.exe
call %commande3% %systemdrive%\spywarevanisher-free\
call %commande% %systemdrive%\Trelew.exe
call %commande% %systemdrive%\ubegvnq.exe
call %commande% %systemdrive%\ucmoreiex.exe
call %commande% %systemdrive%\uniq
call %commande% %systemdrive%\UNMT.EXE
call %commande% %systemdrive%\upd.exe
call %commande% %systemdrive%\uy*.exe
call %commande% %systemdrive%\Veracruz.exe
call %commande% %systemdrive%\vhsot.exe
call %commande% %systemdrive%\VSL02.exe
call %commande% %systemdrive%\xaouye.exe
call %commande% %systemdrive%\yuka.exe
call %commande% %systemdrive%\wacky2.exe
call %commande% %systemdrive%\warebundlenewer.exe
call %commande% %systemdrive%\whwktfw.exe
call %commande% %systemdrive%\willpolo.vbs
call %commande% %systemdrive%\wjfi.exe
call %commande% %systemdrive%\wodc.exe
call %commande% %systemdrive%\wouvwd.exe
call %commande% %systemdrive%\WHCC2.exe
call %commande% %systemdrive%\WHCC?.exe
call %commande% %systemdrive%\winde.exe
call %commande% %systemdrive%\windeh.exe
call %commande% %systemdrive%\windows.exe
call %commande% %systemdrive%\windows_e??.exe
call %commande% %systemdrive%\winstall.exe
call %commande% %systemdrive%\winsys.exe
call %commande% %systemdrive%\wksv.exe
call %commande% %systemdrive%\wordpad.exe
call %commande% %systemdrive%\yz02.exe
call %commande% %systemdrive%\xinstall.exe
call %commande% %systemdrive%\xxx.exe
call %commande% %systemdrive%\RECYCLER\te32.exe
call %commande% %systemdrive%\RECYCLER\nvscvse.exe
call %commande% %systemdrive%\fatsy.exe
call %commande% %systemdrive%\ff.exe
call %commande% %systemdrive%\ffvgs.exe
call %commande% %systemdrive%\fs.exe
echo. >> %systemdrive%\rapport_clean.txt
echo *** %action% %desfichiers% %windir%\ >> %systemdrive%\rapport_clean.txt
call %commande% %windir%\3030.exe
call %commande% %windir%\ABox.exe
call %commande% %windir%\addbm32.exe
call %commande% %windir%\addbq.exe
call %commande% %windir%\addeb.exe
call %commande% %windir%\addfk.exe
call %commande% %windir%\addgc32.exe
call %commande% %windir%\addhp32.exe
call %commande% %windir%\addnp.exe
call %commande% %windir%\addtj.exe
call %commande% %windir%\addux32.exe
call %commande% %windir%\addxx32.exe
call %commande% %windir%\addyh32.exe
call %commande% %windir%\addyq32.exe
call %commande% %windir%\ad.html
call %commande% %windir%\AdobeR.exe
call %commande% %windir%\a.exe
call %commande% %windir%\ahcb.exe
call %commande% %windir%\aim.exe
call %commande% %windir%\aims.exe
call %commande% %windir%\alchem.exe
call %commande% %windir%\ALCXMNTR.EXE
call %commande% %windir%\alfa.exe
call %commande% %windir%\algs.exe
call %commande% %windir%\AntiAdwa.exe
call %commande% %windir%\apiab.exe
call %commande% %windir%\apibw.exe
call %commande% %windir%\apicq32.exe
call %commande% %windir%\apiim.exe
call %commande% %windir%\apiiz32.exe
call %commande% %windir%\apijn.exe
call %commande% %windir%\apikw.exe
call %commande% %windir%\apilz32.exe
call %commande% %windir%\apios.exe
call %commande% %windir%\apirf32.exe
call %commande% %windir%\apiug32.exe
call %commande% %windir%\apixc.exe
call %commande% %windir%\apixl32.exe
call %commande% %windir%\apize.exe
call %commande% %windir%\app??32.exe
call %commande% %windir%\appbl.exe
call %commande% %windir%\appdm.exe
call %commande% %windir%\appee32.exe
call %commande% %windir%\appfe32.exe
call %commande% %windir%\appge.exe
call %commande% %windir%\apphf32.exe
call %commande% %windir%\apphx.exe
call %commande% %windir%\appir32.exe
call %commande% %windir%\apppn32.exe
call %commande% %windir%\appqd32.exe
call %commande% %windir%\apprs32.exe
call %commande% %windir%\appuk.exe
call %commande% %windir%\appvh32.exe
call %commande% %windir%\appyj32.exe
call %commande% %windir%\atapi32.exe
call %commande% %windir%\atlae.exe
call %commande% %windir%\atlda.exe
call %commande% %windir%\atlfx.exe
call %commande% %windir%\atlgu32.exe
call %commande% %windir%\atljk32.exe
call %commande% %windir%\atllk32.exe
call %commande% %windir%\atlmi.exe
call %commande% %windir%\atloe32.exe
call %commande% %windir%\atlsg.exe
call %commande% %windir%\atlui32.exe
call %commande% %windir%\atlur32.exe
call %commande% %windir%\atlvo32.exe
call %commande% %windir%\atlxz.exe
call %commande% %windir%\atlzc.exe
call %commande% %windir%\avserve2.exe
call %commande% %windir%\avserve.exe
call %commande% %windir%\axdcfasb.exe
call %commande% %windir%\bargain4.exe
call %commande% %windir%\bbchk.exe
call %commande% %windir%\BBSTORE\DSS\DSSAGENT.EXE
call %commande% %windir%\bddkanse.exe
call %commande3% %windir%\bsx32\
call %commande% %windir%\cfg32.exe
call %commande% %windir%\lsvr.exe
call %commande% %windir%\ltdmgr.exe
call %commande% %windir%\mwsvm.dat
call %commande% %windir%\pmr.bin
call %commande% %windir%\pmr.exe
call %commande% %windir%\pmr.ocx
call %commande% %windir%\psi.ocx
call %commande% %windir%\pslauncher.exe
call %commande% %windir%\psocx.cab
call %commande% %windir%\pssetup.exe
call %commande% %windir%\urls.bin
call %commande% %windir%\vs.bin
call %commande% %windir%\vurls.bin
call %commande% %windir%\cfg32a.exe
call %commande% %windir%\CheckS02.exe
call %commande% %windir%\checkers?.exe
call %commande% %windir%\clmss.exe
call %commande% %windir%\config.exe
call %commande% %windir%\construct.exe
call %commande% %windir%\country.exe
call %commande% %windir%\crai32.exe
call %commande% %windir%\crat.exe
call %commande% %windir%\crdl32.exe
call %commande% %windir%\crdp.exe
call %commande% %windir%\crgl32.exe
call %commande% %windir%\crgz.exe
call %commande% %windir%\crii.exe
call %commande% %windir%\crip.exe
call %commande% %windir%\crlj.exe
call %commande% %windir%\crlq.exe
call %commande% %windir%\crng32.exe
call %commande% %windir%\crqq32.exe
call %commande% %windir%\crrs.exe
call %commande% %windir%\crsst.exe
call %commande% %windir%\crsq.exe
call %commande% %windir%\crtd32.exe
call %commande% %windir%\crvw32.exe
call %commande% %windir%\crwk.exe
call %commande% %windir%\crxz.exe
call %commande% %windir%\csmss.exe
call %commande% %windir%\csrs.exe
call %commande% %windir%\csrss.exe
call %commande% %windir%\cywin.exe
call %commande% %windir%\D1rectX.exe
call %commande% %windir%\d3bi.exe
call %commande% %windir%\d3cg.exe
call %commande% %windir%\d3dc32.exe
call %commande% %windir%\d3gf.exe
call %commande% %windir%\d3gk.exe
call %commande% %windir%\d3gy.exe
call %commande% %windir%\d3kr32.exe
call %commande% %windir%\d3ma.exe
call %commande% %windir%\d3mf32.exe
call %commande% %windir%\d3mv32.exe
call %commande% %windir%\d3qg32.exe
call %commande% %windir%\d3qt.exe
call %commande% %windir%\d3sm32.exe
call %commande% %windir%\d3sw.exe
call %commande% %windir%\d3sx32.exe
call %commande% %windir%\d3vs.exe
call %commande% %windir%\d3xc.exe
call %commande% %windir%\d3yy.exe
call %commande% %windir%\dbg32hlp.exe
call %commande% %windir%\dcznetv2.exe
call %commande% %windir%\devldr32.exe
call %commande% %windir%\dinst.exe
call %commande% %windir%\directx.exe
call %commande% %windir%\Dispatcher.exe
call %commande% %windir%\dlhost.exe
call %commande% %windir%\dloader.exe
call %commande% %windir%\dollar.exe
call %commande% %windir%\dov?.exe
call %commande% %windir%\Download\svhost32.exe
call %commande% %windir%\dr.exe
call %commande% %windir%\drsmartload*.dat
call %commande% %windir%\dsrss.exe
call %commande% %windir%\Duce?.exe
call %commande% %windir%\DWWIN.EXE
call %commande% %windir%\easy.exe
call %commande% %windir%\eksplorasi.exe
call %commande% %windir%\eiRecvr.exe
call %commande% %windir%\ecRecvr.exe
call %commande% %windir%\edit.exe
call %commande% %windir%\etc\services.exe
call %commande% %windir%\eimsn.exe
call %commande% %windir%\ev.exe
call %commande% %windir%\exclean.exe
call %commande% %windir%\exdl.exe
call %commande3% %windir%\exefld\
call %commande% %windir%\extel.exe
call %commande% %windir%\exul.exe
call %commande% %windir%\fi49.exe
call %commande% %windir%\firefox.exe
call %commande% %windir%\firewall_anti.exe
call %commande% %windir%\Fonts\FontInstallOnce.vbs
call %commande% %windir%\FREECELL.EXE
call %commande% %windir%\fswinsys.exe
call %commande% %windir%\fuegxvm?.exe
call %commande% %windir%\gen2.exe
call %commande% %windir%\getnexus.exe
call %commande% %windir%\gimmygames.dat
call %commande% %windir%\hdisk.exe
call %commande% %windir%\HelperVer.exe
call %commande% %windir%\Help\SPAlert.chm
call %commande% %windir%\help\svchost.exe
call %commande% %windir%\Help\internat.exe
call %commande% %windir%\Help\ipconfig.sys
call %commande% %windir%\Help\lsass.exe
call %commande% %windir%\Help\rundll32.exe
Call %commande% %windir%\Hostren.exe
Call %commande% %windir%\ho2stdll.exe
call %commande% %windir%\icont.exe
call %commande% %windir%\iecw.exe
call %commande% %windir%\iedh.exe
call %commande% %windir%\iehh32.exe
call %commande% %windir%\ieif.exe
call %commande% %windir%\iejs32.exe
call %commande% %windir%\iejt.exe
call %commande% %windir%\iepd32.exe
call %commande% %windir%\SetPoint.exe
call %commande% %windir%\CDSpeed.exe
call %commande% %windir%\iepb32.exe
call %commande% %windir%\iepq.exe
call %commande% %windir%\iesp.exe
call %commande% %windir%\ieuc.exe
call %commande% %windir%\ieunst.exe
call %commande% %windir%\IEXPL0RE.exe
call %commande% %windir%\iexpl0res.exe
call %commande% %windir%\iiexplorer.exe
call %commande% %windir%\image.exe
call %commande% %windir%\INETSVC.EXE
call %commande% %windir%\imsn.exe
call %commande% %windir%\instr32.exe
call %commande% %windir%\instr64.exe
call %commande% %windir%\windebug.log
call %commande% %windir%\windebug.log
call %commande% %windir%\Intel\rundll32.exe
call %commande% %windir%\internet.exe
call %commande% %windir%\internt.exe
call %commande% %windir%\ipbr.exe
call %commande% %windir%\ipca32.exe
call %commande% %windir%\ipfg.exe
call %commande% %windir%\ipgk32.exe
call %commande% %windir%\iphf.exe
call %commande% %windir%\iphq32.exe
call %commande% %windir%\ipia.exe
call %commande% %windir%\ipnc32.exe
call %commande% %windir%\ippv.exe
call %commande% %windir%\ipqe.exe
call %commande% %windir%\ipsg32.exe
call %commande% %windir%\iptp32.exe
call %commande% %windir%\ipuy32.exe
call %commande% %windir%\ipv7.exe
call %commande% %windir%\ipzg.exe
call %commande% %windir%\eras.exe
call %commande% %windir%\irdvxc.exe
call %commande% %windir%\iTunesMusic.exe
call %commande% %windir%\javaab.exe
call %commande% %windir%\javaiq.exe
call %commande% %windir%\javaje32.exe
call %commande% %windir%\javanq.exe
call %commande% %windir%\javapanel.exe
call %commande% %windir%\javapt.exe
call %commande% %windir%\javapw32.exe
call %commande% %windir%\javarl.exe
call %commande% %windir%\javasc32.exe
call %commande% %windir%\javatc32.exe
call %commande% %windir%\javavk32.exe
call %commande% %windir%\javayc32.exe
call %commande% %windir%\Jwintask.com
call %commande% %windir%\k4nv.exe
call %commande% %windir%\winsystems.exe
call %commande% %windir%\keyboard*.dat
call %commande% %windir%\keyboard*.exe
call %commande% %windir%\kl?.exe
call %commande% %windir%\loadadv???.exe
call %commande% %windir%\logon.exe
call %commande% %windir%\LOOP.exe
call %commande% %windir%\lsa.exe
call %commande% %windir%\lsass.exe
call %commande% %windir%\lsf.exe
call %commande% "%windir%\Matrix Code.exe"
call %commande% %windir%\ma.exe.exe
call %commande% %windir%\mc-???-??-???????.exe
call %commande% %windir%\Messenger.exe
call %commande% %windir%\mfcdr32.exe
call %commande% %windir%\mfchs32.exe
call %commande% %windir%\mfcij.exe
call %commande% %windir%\mfcmb.exe
call %commande% %windir%\mfcph32.exe
call %commande% %windir%\mfcqf32.exe
call %commande% %windir%\mfcqs.exe
call %commande% %windir%\mfcrf32.exe
call %commande% %windir%\mfcrs.exe
call %commande% %windir%\mfcrt.exe
call %commande% %windir%\mfcsz.exe
call %commande% %windir%\microsoft kit\lsass.com
call %commande% %windir%\modlb.exe
call %commande% %windir%\mousepad*.exe
call %commande% %windir%\MSAV32.exe
call %commande% %windir%\mrjj.exe
call %commande% %windir%\mscdex32.exe
call %commande% %windir%\msconfig32.exe
call %commande% %windir%\mscu.exe
call %commande% %windir%\msdnupdate32.exe
call %commande% %windir%\msdo32.exe
call %commande% %windir%\msdpy.exe
call %commande% %windir%\msdvd.exe
call %commande% %windir%\ms?????????-??.exe
call %commande% %windir%\ms?.exe
call %commande% %windir%\msfa.exe
call %commande% %windir%\MSHEARTS.EXE
call %commande% %windir%\msiconfig.exe
call %commande% %windir%\msij.exe
call %commande% %windir%\msit32.exe
call %commande% %windir%\msku32.exe
call %commande% %windir%\msmedia32.exe
call %commande% %windir%\MSmedia.exe
call %commande% %windir%\msnchecker.exe
call %commande% %windir%\msncomm.exe
call %commande% %windir%\msnd32.exe
call %commande% %windir%\msnet32.exe
call %commande% %windir%\msnlogm.exe
call %commande% %windir%\msnlogs.exe
call %commande% %windir%\msnsrv.exe
call %commande% %windir%\msoevc.exe
call %commande% %windir%\msol32.exe
call %commande% %windir%\msol.exe
call %commande% %windir%\mspath.exe
call %commande% %windir%\mspathfinder.exe
call %commande% %windir%\mspg32.exe
call %commande% %windir%\Mstray.exe
call %commande% %windir%\mssmbios.exe
call %commande% %windir%\msstl.exe
call %commande% %windir%\mssuite.exe
call %commande% %windir%\msudpspc.exe
call %commande% %windir%\msuk32.exe
call %commande% %windir%\msupdate24.exe
call %commande% %windir%\msvc.exe
call %commande% %windir%\msvcrt.exe
call %commande% %windir%\mswindll32.exe
call %commande% %windir%\mswo32.exe
call %commande% %windir%\mswr32.exe
call %commande% %windir%\msxct.exe
call %commande% %windir%\MT??ND???DoxNg.exe
call %commande% %windir%\Mws.exe
call %commande% %windir%\mxd.exe
call %commande% %windir%\mxedez.exe
call %commande% %windir%\N0rtan.exe
call %commande% %windir%\NDNuninstall?_??.exe
call %commande% %windir%\netce32.exe
call %commande% %windir%\netconf32.exe
call %commande% %windir%\netdl32.exe
call %commande% %windir%\netinfo.exe
call %commande% %windir%\netku.exe
call %commande% %windir%\netnd.exe
call %commande% %windir%\netpn32.exe
call %commande% %windir%\netrg.exe
call %commande% %windir%\netrm32.exe
call %commande% %windir%\netsz32.exe
call %commande% %windir%\NETVISION.exe
call %commande% %windir%\netwh32.exe
call %commande% %windir%\netyu.exe
call %commande% %windir%\netzj.exe
call %commande% %windir%\newfrn.exe
call %commande% %windir%\newname.dat
call %commande% %windir%\newname*.dat
call %commande% %windir%\newname*.exe
call %commande% %windir%\nlc.exe
call %commande% %windir%\ntan.exe
call %commande% %windir%\ntba32.exe
call %commande% %windir%\ntbg32.exe
call %commande% %windir%\ntgu.exe
call %commande% %windir%\nths32.exe
call %commande% %windir%\ntjb32.exe
call %commande% %windir%\ntkh32.exe
call %commande% %windir%\ntks32.exe
call %commande% %windir%\NT\nrcs.exe
call %commande% %windir%\ntod32.exe
call %commande% %windir%\ntpg.exe
call %commande% %windir%\ntrv.exe
call %commande% %windir%\ntsg32.exe
call %commande% %windir%\ntsys32.exe
call %commande% %windir%\ntvo.exe
call %commande% %windir%\ntvx32.exe
call %commande% %windir%\ntvy.exe
call %commande% %windir%\ntws32.exe
call %commande% %windir%\ntyf32.exe
call %commande% %windir%\ntyk32.exe
call %commande% %windir%\ntze32.exe
call %commande% %windir%\offun.exe
call %commande% %windir%\osaupd.exe
call %commande% %windir%\pp.exe
call %commande% %windir%\pp.exe.exe
call %commande% %windir%\Passepartout.exe
call %commande% %windir%\patcher.exe
call %commande% %windir%\paytime.exe
call %commande% %windir%\pc.exe
call %commande% %windir%\PING.EXE
call %commande% %windir%\plugin.exe
call %commande% %windir%\plugnplay.exe
call %commande% %windir%\pmsngere.exe
call %commande% %windir%\pnpasn32.exe
call %commande% "%windir%\Poker 770 setup.exe"
call %commande% %windir%\pwnsvc.exe
call %commande% %windir%\qaz4.txt
call %commande% %windir%\qtask.exe
call %commande% %windir%\rdt.ini
call %commande% %windir%\regdll.exe
call %commande% %windir%\regprc32.bat
call %commande% %windir%\revpzcw.exe
call %commande% %windir%\rofl.exe
call %commande% %windir%\ROUTE.EXE
call %commande% %windir%\Router.exe
call %commande% %windir%\rqqsnd.exe
call %commande% %windir%\rucnmlg?.exe
call %commande% %windir%\rundlI32.exe
call %commande% %windir%\RUNXMLPL.exe
call %commande% %windir%\rzrunins.exe
call %commande% %windir%\satmat.exe
call %commande% %windir%\sc.exe
call %commande% %windir%\scvhost.exe
call %commande% %windir%\sdfdil.exe
call %commande% %windir%\sdkbo.exe
call %commande% %windir%\sdkcd.exe
call %commande% %windir%\sdkgb.exe
call %commande% %windir%\sdkhu32.exe
call %commande% %windir%\sdknn32.exe
call %commande% %windir%\sdkre32.exe
call %commande% %windir%\sdksm32.exe
call %commande% %windir%\sdktemp.exe
call %commande% %windir%\sdkti32.exe
call %commande% %windir%\sdkuz.exe
call %commande% %windir%\securidel.exe
call %commande% %windir%\server.exe
call %commande% %windir%\Service.exe
call %commande% %windir%\services32.exe
call %commande% %windir%\services.exe
call %commande% %windir%\Session.exe
call %commande% %windir%\SexNow!.exe
call %commande% %windir%\shch.exe
call %commande% %windir%\ShellNew\sempalong.exe
call %commande% %windir%\shost.exe
call %commande% %windir%\sla.exe
call %commande% %windir%\smdat32m.sys
call %commande% %windir%\smsc.exe
call %commande% %windir%\smsmanger.exe
call %commande% %windir%\smss.exe
call %commande% %windir%\sndvol32.exe
call %commande% %windir%\socketx113.sys
call %commande% %windir%\soft.exe
call %commande% %windir%\SOL.EXE
call %commande% %windir%\spdauth.exe
call %commande% %windir%\spool\newdr.exe
call %commande% %windir%\spread.exe
call %commande% %windir%\sql-dgm.exe
call %commande% %windir%\srv32.exe
call %commande% %windir%\srvc32.exe
call %commande% %windir%\srvsc.exe
call %commande% %windir%\svahost.exe
call %commande% %windir%\svch0st.exe
call %commande% %windir%\svch0stra.exe
call %commande% %windir%\svchost.exe
call %commande% %windir%\svcproc.exe
call %commande% %windir%\svehost32.exe
call %commande% %windir%\sysbm.exe
call %commande% %windir%\SYSC00.exe
call %commande% %windir%\syscd32.exe
call %commande% %windir%\syscq.exe
call %commande% %windir%\syscu.exe
call %commande% %windir%\sysdat.exe
call %commande% %windir%\sysem32.exe
call %commande% %windir%\sys??-????????.exe
call %commande% %windir%\sys???????????.exe
call %commande% %windir%\sysfo.exe
call %commande% %windir%\svshost.exe
call %commande% %windir%\syshg.exe
call %commande% %windir%\sysjf32.exe
call %commande% %windir%\sysjv32.exe
call %commande% %windir%\sysko32.exe
call %commande% %windir%\syskr32.exe
call %commande% %windir%\sysmanager.exe
call %commande% %windir%\sysmgr64.exe
call %commande% %windir%\sysng32.exe
call %commande% %windir%\sysnn.exe
call %commande% %windir%\sysnt.exe
call %commande% %windir%\sysow32.exe
call %commande% %windir%\sysqg32.exe
call %commande% %windir%\sysqi.exe
call %commande% %windir%\sysrestore.exe
call %commande% %windir%\systay.exe
call %commande% %windir%\sv.exe
call %commande% %windir%\runsql.exe
call %commande% %windir%\svzip.exe
call %commande% %windir%\system32\dllcache\ageofempires.exe
call %commande% %windir%\system32\dllcache\ffchost.exe
call %commande% %windir%\system32\dllcache\msiupdate32.exe
call %commande% %windir%\system32\dllcache\ppchost.exe
call %commande% %windir%\system32\dllcache\prsc32.exe
call %commande% %windir%\system32\dllcache\wkactview.exe
call %commande% %windir%\system32\dllcache\win32\winlogon.exe
call %commande% %windir%\System32ftuninst.exe
call %commande% %windir%\System32tfthot.exe
call %commande% %windir%\system.exe
call %commande% %windir%\SYSWIN32.EXE
call %commande% %windir%\syszl32.exe
call %commande% %windir%\Tagasuarus2.exe
call %commande% %windir%\taskbar.exe
call %commande% %windir%\taskbarmngr.exe
call %commande% %windir%\taskcntr.exe
call %commande% %windir%\task.exe
call %commande% %windir%\taskmam.exe
call %commande% %windir%\tcphost.exe
call %commande3% %windir%\TEMPER
call %commande3% %windir%\this_is_system
call %commande% %windir%\teller2.chk
call %commande% %windir%\temp\mc???.tmp
call %commande% %windir%\temp_update.exe
call %commande% %windir%\temp.exe
call %commande% %windir%\timed.exe
call %commande% %windir%\toolbar.exe
call %commande% %windir%\tool?.exe
call %commande% %windir%\trustinbar.exe
call %commande% %windir%\tsecure.exe
call %commande% %windir%\ts.exe
call %commande% %windir%\UnGins.exe
call %commande% %windir%\uniq
call %commande% %windir%\uninstall\rundl132.exe
call %commande% %windir%\usnsvc.exe
call %commande% %windir%\update\updmgr.exe
call %commande% %windir%\USBSubsystem
call %commande% %windir%\user32.exe
call %commande% %windir%\userinit.exe
call %commande% %windir%\utzpnuxA
call %commande% %windir%\utzpnux.exe
call %commande% %windir%\v1201.exe
call %commande% %windir%\vi.exe
call %commande% %windir%\vsmom.exe
call %commande% %windir%\wallpap.exe
call %commande% %windir%\wfbmgr.exe
call %commande% %windir%\widupdate.exe
call %commande% %windir%\wlmsngr.exe
call %commande% %windir%\win32exec.exe
call %commande% %windir%\win325b.exe
call %commande% %windir%\win32ssr.exe
call %commande% %windir%\winamp.exe
call %commande% %windir%\wincc.exe
call %commande% %windir%\wincv.exe
call %commande% %windir%\windb.exe
call %commande% %windir%\windowsupdates.exe
call %commande% %windir%\windowsvalidation.exe
call %commande% %windir%\windupdate.exe
call %commande% %windir%\win??????-??????.exe
call %commande% %windir%\win???????-??????.exe
call %commande% %windir%\winfws.exe
call %commande% %windir%\wingm.exe
call %commande% %windir%\winhd32.exe
call %commande% %windir%\winhlep.exe
call %commande% %windir%\winik32.exe
call %commande% %windir%\winkl32.exe
call %commande% %windir%\winlog.exe
call %commande% %windir%\winlogon.exe
call %commande% %windir%\winmgc.exe
call %commande% %windir%\winmsgr.exe
call %commande% %windir%\dispatcher.exe
call %commande% %windir%\winmon.exe
call %commande% %windir%\msdrv.exe
call %commande% %windir%\winni32.exe
call %commande% %windir%\winscntrl.exe
call %commande% %windir%\Winsdl.exe
call %commande% %windir%\winsmc.exe
call %commande% %windir%\winssvc.exe
call %commande% %windir%\winsysban??.exe
call %commande% %windir%\wintd32.exe
call %commande% %windir%\WinVid32.exe
call %commande% %windir%\winyq32.exe
call %commande% %windir%\wdfmgrr.exe
call %commande% %windir%\wkssvc.exe
call %commande% %windir%\wmiapsrv.exe
call %commande% %windir%\wmsnlivexp.exe
call %commande% %windir%\WMCRRS.exe
call %commande% %windir%\wordpad.exe
call %commande% %windir%\wpablan.exe
call %commande% %windir%\wsctf.exe
call %commande% %windir%\wupdate.exe
call %commande% %windir%\wupdt.exe
call %commande% %windir%\xapqrg.exe
call %commande% %windir%\Xhrmy.exe
call %commande% %windir%\xload.exe
call %commande% %windir%\XPService.exe
call %commande% %windir%\xpupdate.exe
call %commande% %windir%\YazzleBundle-*.exe
call %commande% %windir%\yazzle.exe
call %commande% %windir%\zeta.exe
call %commande% %windir%\_zs?uninst_*.exe
call %commande3% C:\WINDOWS\TSKS~1\
call %commande3% %windir%\BDE\
call %commande3% %windir%\browserxtras\
call %commande3% %windir%\bsx32\
call %commande% %windir%\bursp.exe
call %commande% %windir%\bxproxy.exe
call %commande% %windir%\cfg32.exe
call %commande3% %windir%\EliteToolBar\
call %commande3% %windir%\help\directx.exe
call %commande3% %windir%\help\vmnetdhcp.exe
call %commande3% %windir%\INET20001\
call %commande3% %windir%\INET20002\
call %commande3% %windir%\inet20003\
call %commande3% %windir%\inet20004\
call %commande3% %windir%\inet20026
call %commande3% %windir%\inet20111\
call %commande3% %windir%\inet20126\
call %commande% %windir%\MacAfee.com
call %commande3% %windir%\mdrive\
call %commande% %windir%\mediacon.exe
call %commande3% %windir%\update\
call %commande3% %windir%\WinSecurity\
call %commande3% %windir%\winsock
call %commande% %windir%\WinSock32.exe
call %commande% "%windir%\photo album.zip"
call %commande% "%windir%\photos.zip"
call %commande% %windir%\addat32.exe
call %commande% %windir%\addbm32.exe
call %commande% %windir%\addbq.exe
call %commande% %windir%\addeb.exe
call %commande% %windir%\addfk.exe
call %commande% %windir%\addgc32.exe
call %commande% %windir%\addhp32.exe
call %commande% %windir%\addmo32.exe
call %commande% %windir%\addnp.exe
call %commande% %windir%\addof.exe
call %commande% %windir%\addtj.exe
call %commande% %windir%\addux32.exe
call %commande% %windir%\addxx32.exe
call %commande% %windir%\addyh32.exe
call %commande% %windir%\addyq32.exe
call %commande% %windir%\aimmsn.exe
call %commande% %windir%\apiab.exe
call %commande% %windir%\apicq32.exe
call %commande% %windir%\apiim.exe
call %commande% %windir%\apiiz32.exe
call %commande% %windir%\apijn.exe
call %commande% %windir%\apikw.exe
call %commande% %windir%\apilz32.exe
call %commande% %windir%\apios.exe
call %commande% %windir%\apipz.exe
call %commande% %windir%\apirf32.exe
call %commande% %windir%\apiug32.exe
call %commande% %windir%\apixc.exe
call %commande% %windir%\apixl32.exe
call %commande% %windir%\apize.exe
call %commande% %windir%\appbl.exe
call %commande% %windir%\appee32.exe
call %commande% %windir%\appfe32.exe
call %commande% %windir%\appge.exe
call %commande% %windir%\apphf32.exe
call %commande% %windir%\apphx.exe
call %commande% %windir%\appir32.exe
call %commande% %windir%\apppn32.exe
call %commande% %windir%\appqd32.exe
call %commande% %windir%\apprs32.exe
call %commande% %windir%\appuk.exe
call %commande% %windir%\appva32.exe
call %commande% %windir%\appvh32.exe
call %commande% %windir%\atlae.exe
call %commande% %windir%\atlda.exe
call %commande% %windir%\atlfx.exe
call %commande% %windir%\atlgu32.exe
call %commande% %windir%\atljk32.exe
call %commande% %windir%\atllk32.exe
call %commande% %windir%\atlmi.exe
call %commande% %windir%\atloe32.exe
call %commande% %windir%\atlsg.exe
call %commande% %windir%\atlui32.exe
call %commande% %windir%\atlur32.exe
call %commande% %windir%\atlvo32.exe
call %commande% %windir%\atlxz.exe
call %commande% %windir%\atlzc.exe
call %commande% %windir%\aswboot.exe
call %commande% %windir%\BDE\Cache\bdeclean.exe
call %commande% %windir%\BDE\b3dsetup.exe
call %commande% %windir%\BDE\bdeclean.exe
call %commande3% %windir%\cdmweb\
call %commande% %windir%\crai32.exe
call %commande% %windir%\crdl32.exe
call %commande% %windir%\crdp.exe
call %commande% %windir%\crgl32.exe
call %commande% %windir%\crii.exe
call %commande% %windir%\crlj.exe
call %commande% %windir%\crlq.exe
call %commande% %windir%\crng32.exe
call %commande% %windir%\crny.exe
call %commande% %windir%\crqq32.exe
call %commande% %windir%\crrs.exe
call %commande% %windir%\crtd32.exe
call %commande% %windir%\crvw32.exe
call %commande% %windir%\crwk.exe
call %commande% %windir%\crxu32.exe
call %commande% %windir%\crxz.exe
call %commande% %windir%\cryi.exe
call %commande% %windir%\Cursors\aim6.exe
call %commande% %windir%\Cursors\GbpSvc.exe
call %commande% %windir%\Cursors\Rg2catbd.exe
call %commande% %windir%\Ndtstat.exe
call %commande% %windir%\Cursors\Ndtstat.exe
call %commande% %windir%\udll.exe
call %commande% %windir%\mdll.exe
call %commande% %windir%\Cursors\udll.exe
call %commande% %windir%\Cursors\mdll.exe
call %commande% %windir%\d3bi.exe
call %commande% %windir%\d3bw32.exe
call %commande% %windir%\d3cg.exe
call %commande% %windir%\d3dc32.exe
call %commande% %windir%\d3gf.exe
call %commande% %windir%\d3gk.exe
call %commande% %windir%\d3gy.exe
call %commande% %windir%\d3kr32.exe
call %commande% %windir%\d3ma.exe
call %commande% %windir%\d3mf32.exe
call %commande% %windir%\d3mv32.exe
call %commande% %windir%\d3qg32.exe
call %commande% %windir%\d3qt.exe
call %commande% %windir%\d3sm32.exe
call %commande% %windir%\d3sq.exe
call %commande% %windir%\d3sw.exe
call %commande% %windir%\d3sx32.exe
call %commande% %windir%\d3vs.exe
call %commande% %windir%\d3xc.exe
call %commande% %windir%\d3yy.exe
call %commande% %windir%\EDpbw.exe
call %commande% %windir%\dnscleaner.exe
call %commande% %windir%\encrits.exe
call %commande% %windir%\hotporn.exe
call %commande% %windir%\iecw.exe
call %commande% %windir%\iedh.exe
call %commande% %windir%\iehh32.exe
call %commande% %windir%\ieif.exe
call %commande% %windir%\iejs32.exe
call %commande% %windir%\iepd32.exe
call %commande% %windir%\iepq.exe
call %commande% %windir%\iesp32.exe
call %commande% %windir%\iesp.exe
call %commande% %windir%\ieuc.exe
call %commande% %windir%\ipbr.exe
call %commande% %windir%\ipca32.exe
call %commande% %windir%\ipfg.exe
call %commande% %windir%\ipgk32.exe
call %commande% %windir%\iphq32.exe
call %commande% %windir%\ipia.exe
call %commande% %windir%\ipmx32.exe
call %commande% %windir%\ipnc32.exe
call %commande% %windir%\ippv.exe
call %commande% %windir%\ipqe.exe
call %commande% %windir%\ipsg32.exe
call %commande% %windir%\iptp32.exe
call %commande% %windir%\ipuy32.exe
call %commande% %windir%\ipyw.exe
call %commande% %windir%\javaab.exe
call %commande% %windir%\javabo32.exe
call %commande% %windir%\javaiq.exe
call %commande% %windir%\javaje32.exe
call %commande% %windir%\javanq.exe
call %commande% %windir%\javapt.exe
call %commande% %windir%\javapw32.exe
call %commande% %windir%\javarl.exe
call %commande% %windir%\javasc32.exe
call %commande% %windir%\javatc32.exe
call %commande% %windir%\javavk32.exe
call %commande% %windir%\javayc32.exe
call %commande% %windir%\mfcdr32.exe
call %commande% %windir%\mfcfk32.exe
call %commande% %windir%\mfchs32.exe
call %commande% %windir%\mfcij.exe
call %commande% %windir%\mfcmb.exe
call %commande% %windir%\mfcph32.exe
call %commande% %windir%\mfcqf32.exe
call %commande% %windir%\mfcqr.exe
call %commande% %windir%\mfcqs.exe
call %commande% %windir%\mfcrf32.exe
call %commande% %windir%\mfcrs.exe
call %commande% %windir%\mfcrt.exe
call %commande% %windir%\mfcsz.exe
call %commande% %windir%\ml.exe
call %commande% %windir%\mmpopoct.exe
call %commande% %windir%\msdo32.exe
call %commande% %windir%\msfa.exe
call %commande% %windir%\msgy32.exe
call %commande% %windir%\msij.exe
call %commande% %windir%\msit32.exe
call %commande% %windir%\msku32.exe
call %commande% %windir%\msimn.exe
call %commande% %windir%\mslog.exe
call %commande% %windir%\msnmsgr.exe
call %commande% %windir%\msnd32.exe
call %commande% %windir%\msol32.exe
call %commande% %windir%\msol.exe
call %commande% %windir%\mspg32.exe
call %commande% %windir%\msuk32.exe
call %commande% %windir%\mswo32.exe
call %commande% %windir%\mswr32.exe
call %commande% %windir%\netce32.exe
call %commande% %windir%\netdl32.exe
call %commande% %windir%\netku.exe
call %commande% %windir%\netnd.exe
call %commande% %windir%\netrg.exe
call %commande% %windir%\netrm32.exe
call %commande% %windir%\netsz32.exe
call %commande% %windir%\netwh32.exe
call %commande% %windir%\netyu.exe
call %commande% %windir%\netzj.exe
call %commande% %windir%\ntan.exe
call %commande% %windir%\ntba32.exe
call %commande% %windir%\ntbg32.exe
call %commande% %windir%\ntdz.exe
call %commande% %windir%\ntgu.exe
call %commande% %windir%\nths32.exe
call %commande% %windir%\ntjb32.exe
call %commande% %windir%\ntkh32.exe
call %commande% %windir%\ntks32.exe
call %commande% %windir%\ntod32.exe
call %commande% %windir%\ntpg.exe
call %commande% %windir%\ntrv.exe
call %commande% %windir%\ntsg32.exe
call %commande% %windir%\ntvo.exe
call %commande% %windir%\ntvx32.exe
call %commande% %windir%\ntws32.exe
call %commande% %windir%\ntxz32.exe
call %commande% %windir%\ntyf32.exe
call %commande% %windir%\ntze32.exe
call %commande% %windir%\offun.exe
call %commande% %windir%\per.exe
call %commande% %windir%\pwr.exe
call %commande% %windir%\pwrs.exe
call %commande% %windir%\rundll.exe
call %commande% %windir%\svhoster.exe
call %commande% %windir%\sv.exe
call %commande% %windir%\svzip.exe
call %commande% %windir%\runsql.exe
call %commande% %windir%\svc.exe
call %commande% %windir%\sig1.exe
call %commande% %windir%\shicoxp.exe
call %commande% %windir%\spoolersv.exe
call %commande% %windir%\sdkbo.exe
call %commande% %windir%\sdkcd.exe
call %commande% %windir%\sdkhu32.exe
call %commande% %windir%\sdknn32.exe
call %commande% %windir%\sdkre32.exe
call %commande% %windir%\sdksm32.exe
call %commande% %windir%\sdkti32.exe
call %commande% %windir%\sdkuz.exe
call %commande% %windir%\sdkwy32.exe
call %commande% %windir%\SSVICHOSST.exe
call %commande% %windir%\system32\service\navupdt2.exe
call %commande% %windir%\system32\service\services.exe
call %commande% %windir%\sysbm.exe
call %commande% %windir%\syscd32.exe
call %commande% %windir%\syscq.exe
call %commande% %windir%\syscu.exe
call %commande% %windir%\sysem32.exe
call %commande% %windir%\sysfo.exe
call %commande% %windir%\syshg.exe
call %commande% %windir%\sysjf32.exe
call %commande% %windir%\sysjv32.exe
call %commande% %windir%\sysjy32.exe
call %commande% %windir%\sysko32.exe
call %commande% %windir%\sysng32.exe
call %commande% %windir%\sysnn.exe
call %commande% %windir%\sysqg32.exe
call %commande% %windir%\sysqi.exe
call %commande% %windir%\sysvt32.exe
call %commande% %windir%\syszl32.exe
call %commande% %windir%\t\services.exe
call %commande% %windir%\t\mmx906.exe
call %commande% %windir%\Taskend.exe
call %commande% %windir%\teller2.chk
call %commande% %windir%\vuaudc.exe
call %commande% %windir%\winax32.exe
call %commande% %windir%\wincc.exe
call %commande% %windir%\wincv.exe
call %commande% %windir%\windb.exe
call %commande% %windir%\wingm.exe
call %commande% %windir%\winhd32.exe
call %commande% %windir%\winik32.exe
call %commande% %windir%\winkl32.exe
call %commande% %windir%\winhlp.exe
call %commande% %windir%\winhlp32.dat
call %commande% %windir%\winservicehost.exe
call %commande% %windir%\wintech.exe
call %commande% %windir%\winmgr.exe
call %commande% %windir%\winni32.exe
call %commande% %windir%\wintd32.exe
call %commande% %windir%\winug32.exe
call %commande% %windir%\winul32.exe
call %commande% %windir%\winunins.exe
call %commande% %windir%\winvu32.exe
call %commande% %windir%\ying.exe
call %commande% %windir%\XEYU.EXE
call %commande% %windir%\XSFR.EXE
call %commande% %windir%\STRAD.EXE
call %commande% %windir%\ZSER.EXE
call %commande% %windir%\A1.EXE
call %commande% %windir%\S1.EXE
call %commande% %windir%\system32\D1.EXE
call %commande% %windir%\system32\SYSARC.EXE
call %commande% %windir%\system32\F1.EXE
call %commande% %windir%\system32\Ttt.exe
call %commande% %windir%\Avconsol.exe
call %commande% %windir%\Zap.exe
call %commande% %windir%\system32\Hide32.exe
call %commande% %windir%\Strad.exe
call %commande% %windir%\Zser.exe
call %commande% %windir%\system32\Xeyu.exe
call %commande% %windir%\system32\Xsfr.exe
rem call %commande% %windir%\win??????????????.exe
echo. >> %systemdrive%\rapport_clean.txt
echo *** %action% %desfichiers% %windir%\system32 >> %systemdrive%\rapport_clean.txt
call %commande% %windir%\system\a.exe
call %commande% %windir%\system\services.exe
call %commande% %windir%\system32\2???_2?.dll
call %commande% %windir%\system32\?????_netapi.exe
call %commande% %windir%\system32\a.exe
call %commande% %windir%\system32\alfa.exe
call %commande% %windir%\system32\alt.exe
call %commande% %windir%\system32\angelex.exe
call %commande% %windir%\System32\wapisvit.exe
call %commande% %windir%\System32\regedit.com
call %commande% %windir%\System32\cmd.com
call %commande% %windir%\System32\tasklist.com
call %commande% %windir%\System32\taskkill.com
call %commande% %windir%\System32\tracert.com
call %commande% %windir%\System32\ping.com
call %commande% %windir%\System32\netstat.com
call %commande% %windir%\service\services.exe
call %commande% %windir%\service\navupdt2.exe
call %commande% %windir%\rqqsnd.exe
call %commande% %windir%\system\taskmam.exe
call %commande% %windir%\install.exe
call %commande% %windir%\Cursors\yong.exe
call %commande% %windir%\msnmsgr1.exe
call %commande% %windir%\msnmsgr2.exe
call %commande% %windir%\system\msnmsgr.cmd
call %commande% %windir%\system\down32.cmd
call %commande% %windir%\system32\icpldrvx.js
call %commande2% %windir%\system32\dllvirtual.dll
call %commande% %windir%\system32\dllvirtual.js
call %commande2% %windir%\system32\syshosts.dll
call %commande2% %windir%\system32\syshelps.dll
call %commande% %windir%\album.zip
call %commande% %windir%\system32\_taskmrg.exe
call %commande% %windir%\system32\1010s.exe
call %commande% %windir%\system32\_mzu_stonedrv?.exe
call %commande% %windir%\system32\1024\*.tmp
call %commande% %windir%\system32\aa.exe.exe
call %commande% %windir%\system32\ABC.EXE
call %commande% %windir%\system32\acroup32.exe
call %commande3% %windir%\system32\AdCache
call %commande3% %windir%\system32\algsrv.exe
call %commande3% %windir%\system32\alserv32.exe
call %commande% %windir%\system32\adchkr.exe
call %commande% %windir%\system32\addas32.exe
call %commande% %windir%\system32\addbh.exe
call %commande% %windir%\system32\addbk.exe
call %commande% %windir%\system32\adddf.exe
call %commande% %windir%\system32\addhg.exe
call %commande% %windir%\system32\addps.exe
call %commande% %windir%\system32\addqf.exe
call %commande% %windir%\system32\addqr.exe
call %commande% %windir%\system32\addrh.exe
call %commande% %windir%\system32\addun32.exe
call %commande% %windir%\system32\addwa.exe
call %commande% %windir%\system32\addxq32.exe
call %commande% %windir%\system32\addyc.exe
call %commande% %windir%\system32\adirss.exe
call %commande% %windir%\system32\agetltyes.exe
call %commande% %windir%\system32\apiae.exe
call %commande% %windir%\system32\apiey32.exe
call %commande% %windir%\system32\apigu32.exe
call %commande% %windir%\system32\apiin32.exe
call %commande% %windir%\system32\apila.exe
call %commande% %windir%\system32\apilt32.exe
call %commande% %windir%\system32\apioh.exe
call %commande% %windir%\system32\apiot32.exe
call %commande% %windir%\system32\apipc.exe
call %commande% %windir%\system32\apira.exe
call %commande% %windir%\system32\apivh.exe
call %commande% %windir%\system32\apiwi32.exe
call %commande% %windir%\system32\appaz.exe
call %commande% %windir%\system32\appbe.exe
call %commande% %windir%\system32\appdq.exe
call %commande% %windir%\system32\appku.exe
call %commande% %windir%\system32\apply.exe
call %commande% %windir%\system32\appqq32.exe
call %commande% %windir%\system32\appqx32.exe
call %commande% %windir%\system32\appsb32.exe
call %commande% %windir%\system32\appsc.exe
call %commande% %windir%\system32\appsu32.exe
call %commande% %windir%\system32\appwx.exe
call %commande% %windir%\system32\appzc32.exe
call %commande% %windir%\system32\atividx.exe
call %commande% %windir%\system32\atmtd.dll._
call %commande% %windir%\system32\atlad32.exe
call %commande% %windir%\system32\atlcg32.exe
call %commande% %windir%\system32\atldq32.exe
call %commande% %windir%\system32\atleq32.exe
call %commande% %windir%\system32\atlgh32.exe
call %commande% %windir%\system32\atlgl.exe
call %commande% %windir%\system32\atljo32.exe
call %commande% %windir%\system32\atlkv32.exe
call %commande% %windir%\system32\atlmb32.exe
call %commande% %windir%\system32\atlom32.exe
call %commande% %windir%\system32\atlru.exe
call %commande% %windir%\system32\atlsj32.exe
call %commande% %windir%\system32\atlsl32.exe
call %commande% %windir%\system32\atlto.exe
call %commande% %windir%\system32\atlur.exe
call %commande% %windir%\system32\atlwi.exe
call %commande% %windir%\system32\atlyf32.exe
call %commande% %windir%\system32\atlyv.exe
call %commande% %windir%\system32\atmtmgr.exe
call %commande% %windir%\system32\autorun.bat
call %commande% %windir%\system32\autorun.vbs
call %commande% %windir%\system32\audngine.exe
call %commande% %windir%\system32\b.exe
call %commande% %windir%\system32\config\drpep.exe
call %commande% %windir%\system32\config\sys\services.exe
call %commande% %windir%\system32\config.exe
call %commande% %windir%\system32\crai.exe
call %commande% %windir%\system32\crar32.exe
call %commande% %windir%\system32\crbs32.exe
call %commande% %windir%\system32\crcl.exe
call %commande% %windir%\system32\crcq32.exe
call %commande% %windir%\system32\criq32.exe
call %commande% %windir%\system32\crjn32.exe
call %commande% %windir%\system32\crjx.exe
call %commande% %windir%\system32\crmh.exe
call %commande% %windir%\system32\crtc32.exe
call %commande% %windir%\system32\crui32.exe
call %commande4% %windir%\system32\ctpmon.exe
call %commande% %windir%\system32\d3bg.exe
call %commande% %windir%\system32\d3br32.exe
call %commande% %windir%\system32\d3bx.exe
call %commande% %windir%\system32\d3bx.exe
call %commande% %windir%\system32\d3ce32.exe
call %commande% %windir%\system32\d3cn32.exe
call %commande% %windir%\system32\d3fj.exe
call %commande% %windir%\system32\d3ju.exe
call %commande% %windir%\system32\d3kh.exe
call %commande% %windir%\system32\d3lr32.exe <
rem Par Malekal_morte
rem translation by Ruby
rem Suppression de fichiers utilises par des malwares
set ver=Rapport clean par Malekal_morte - http://www.malekal.com
set lang=int
if exist "%userprofile%\Bureau" ( set lang=fra )
if exist "Programme\Gemeinsame Dateien\" ( set lang = de )
if %lang%==fra (
set noexist1=Des fichiers sont manquants, avez-vous bien decompresse toute l'archive?
set noexist2=Le script ne peut continuer a s'executer..
set translation=traduction par Ruby
set menu= Choisissez l'une des options suivantes :
set menu1= 1. Recherche de fichiers infectieux
set menu2= 2. Nettoyage des fichiers infectieux
set menu3= Q. Quitter
set cherche=La recherche debute.. Ceci peut prendre plusieurs minutes.. Soyez PATIENT !!!
set cherche2=Option 1, executee le
set warning=Clean va supprimer les fichiers et dossiers connus pour etre des malwares.
set warning2=Il est recommande d'utiliser cette option avec un expert a partir de forum de securite tel que :
set forum=http://forum.malekal.com
set forum2=https://forum.zebulon.fr/
set forum3=http://forum.telecharger.01net.com/forum/
set patient=Merci de bien vouloir patienter et d'attendre le message disant que le programme a termine.
set mode=Script execute en mode normal
set modealerte=Vous tentez d'executer le script en mode normal, il est recommande de le faire en mode sans echec
set modealerte1=Option 2, execute le
set modealerte2=Script execute en mode sans echec
set desfichiers=des fichiers dans
set registre=Suppression des clefs du registre..
set registre2=Suppression des clefs du registre effectuee..
set findurapport=*** Fin du rapport !
set termine=Termine.... !
set rapport=Le rapport de scan va s'ouvrir.
set enregistrerrapport=Vous pouvez l'enregistrer sur le bureau ^(Menu Fichier / enregistrer-sous^) afin de coller le contenu du rapport.
)
if %lang%==de (
set noexist1=Dateien fehlen, haben Sie das ganze Archiv entpackt?
set noexist2=Das Skript kann nicht weiter ausgeführt werden..
set translation=Ein Dankeschön an Ruby
set menu= Wählen Sie eine der folgenden Optionen :
set menu1= 1. Suche nach infektiösen Dateien
set menu2= 2. Reinigung der infektiösen Dateien
set menu3= Q. Beenden
set cherche=Die Suche beginnt.. Das kann einige Minuten dauern.. Seien Sie geduldig !!!
set cherche2=Eingabe %Datum% und %Zeit%
set warning=Clean wird die Dateien und Ordner, die als Malware bekannt sind, entfernen.
set warning2=Es wird empfohlen, diese Option nach Anweisung eines Experten folgender Foren anzuwenden:
set forum=http://forum.malekal.com
set forum2=
set forum3=
set patient=Dies dauert einige Zeit. Bitte haben Sie Geduld und warten Sie auf die Meldung, dass es beendet ist.
set mode=Skript im normalen Modus ausgeführt
set modealerte=Sie versuchen das Skript im normalen Modus auszuführen, der abgesicherte Modus ist erforderlich.
set modealerte2=Skript im abgesicherten Modus ausgeführt
set desfichiers=Dateien auf dem
set registre=Entfernung der Registrierungsschlüssel..
set registre2=Entfernung der Registrierungsschlüssel erfolgreich..
set findurapport=*** Ende des Berichts !
set termine=Ende des Berichts !
set rapport=Der Sxan Bericht wird sich nun öffnen.
set enregistrerrapport=Sie können ihn auf dem Desktop abspeichern ^(Menu Dateien / speichern als^) wenn Sie den Inhalt des Berichtes kopiert haben.
)
if %lang%==int (
set noexist1=files missed, did you unzip the whole archive?
set noexist2=The Script can not further be executed..
set translation=translation by Ruby
set menu= Choose one of the following Options :
set menu1= 1. Search for infected files
set menu2= 2. Cleaning of the infected files
set menu3= Q. Complete
set cherche=The search is starting.. This can last some minutes.. Please be patient !!!
set cherche2=Option 1, executee le
set warning=Clean will delete all those files and folders which are known to be malware.
set warning2=It is recommended, to apply this option after instruction of an expert of one the following forums:
set forum=https://www.malwareremoval.com/
set forum2=http://www.geekstogo.com/forum/index.php
set forum3=http://ww25.forums.spywareinfo.com/
set patient=This will last some time. Please be patient and wait until you get the message that it's finished.
set mode=Script executed in Normal Mode
set modealerte=You try to execute the script in Normal Mode, Safe Mode is required.
set modealerte1=Option 2, Enter
set modealerte2=Script executed in Safe Mode
set findurapport=files on
set registre=Deletion of the registry keys..
set registre2=Deletion of the registry keys successful..
set termine=Terminated.... !
set findurapport=*** End of the report !
set rapport=The scan report will open now.
set enregistrerrapport=You can save the report ^(Menu Files / Save as^) please copy the content of this reportfile first.
)
if not exist del2.cmd (
echo %noexist1%
echo %noexist2%
pause
goto end2
)
if exist %systemdrive%\rapport_clean.txt del /F /Q %systemdrive%\rapport_clean.txt
:menu
cls
set fixvers=v1.00
set auteur=Malekal_morte
echo.
echo.
echo Clean %fixvers% par Malekal_morte
echo %translation%
echo.
echo.
echo.
echo %menu%
echo.
echo %menu1%
echo %menu2%
echo %menu3%
echo.
echo --- http://www.malekal.com ---
echo.
echo.
echo.
) else (
set ChoixMenu=''
set /p ChoixMenu=%sChoice% (1,2,3,Q) :
if '%ChoixMenu%'=='q' GOTO exit
if '%ChoixMenu%'=='Q' GOTO exit
if '%ChoixMenu%'=='1' GOTO chercher
if '%ChoixMenu%'=='2' GOTO clean
goto menu
:chercher
set commande=cherche
set commande2=cherche
set commande3=cherche
set commande4=cherche
set action=Recherche
echo.
echo %cherche%
echo %chercher2% %date% a %time% >> %systemdrive%\rapport_clean.txt
goto go
:clean
set commande=del2
set commande2=del3
set commande3=delr
set commande4=delsiri
set action=Suppression
echo %cherche%
cls
echo %warning%
echo.
set %warning2%
set %forum%
set %forum2%
set %forum3%
echo.
echo %patient%
echo.
pause
echo.
if not defined safeboot_option (
echo %mode%
echo %modealerte%
pause
echo.
)
if defined safeboot_option echo %modealerte2% >> %systemdrive%\rapport_clean.txt
echo %ver% >> %systemdrive%\rapport_clean.txt
echo %modealerte1%
echo %modealerte2% %date% a %time% >> %systemdrive%\rapport_clean.txt
ver >> %systemdrive%\rapport_clean.txt
goto go
:go
echo. >> %systemdrive%\rapport_clean.txt
echo *** %action% %desfichiers% %systemdrive% >> %systemdrive%\rapport_clean.txt
call %commande% %systemdrive%\mideerase.exe
call %commande% %windir%\System32\KAT.vbs
call %commande% %windir%\System32\KAT.vbs
call %commande% "%ALLUSERSPROFILE%\Start Menu\Programs\Startup\Startup.vbs"
call %commande% "%windir%\Start Menu\Programs\Startup\Starup.vbs"
call %commande% %systemdrive%\KAT.vbs
call %commande% %windir%\system32\drivers\etc\KAT.vbs
call %commande% %windir%\system\KAT.vbs
call %commande% "%USERPROFILE%\Desktop\KAT.vbs"
call %commande% %windir%\My Downloads\KAT.vbs
call %commande% "%windir%\My Shared Folder\KAT.vbs"
call %commande% "%USERPROFILE%\Bureau\KAT.vbs"
call %commande% %windir%\system32\autorun.bat
call %commande% %windir%\system32\autorun.vbs
call %commande% %systemdrive%\autorun.bat
call %commande% %systemdrive%\autorun.V00bat
call %commande% %systemdrive%\autorun.V00vbs
call %commande% %systemdrive%\autorun.V00Vvbs
call %commande% %systemdrive%\autorun.V00VVvbs
call %commande% %systemdrive%\autorun.Vbat
call %commande% %systemdrive%\autorun.vbs
call %commande% %systemdrive%\autorun.VVbat
call %commande% %systemdrive%\autorun.Vvbs
call %commande% %systemdrive%\autorun.VVvbs
call %commande% %systemdrive%\autorun.VVVvbs
call %commande% "%systemdrive%\Arquivos de programas\GbpSvc.exe"
call %commande4% %systemdrive%\AdultScreenSaver\
call %commande4% %systemdrive%\FastCleaner\
call %commande% %systemdrive%\autorun.inf
call %commande% %systemdrive%\36110103225565*.exe
call %commande% %systemdrive%\gcue.exe
call %commande% %systemdrive%\gcue?????.exe
call %commande% %systemdrive%\xfeq.exe
call %commande% %systemdrive%\qoiy.exe
call %commande% %systemdrive%\egnt.exe
call %commande% %systemdrive%\tel.exe
call %commande% %systemdrive%\isetup.exe
call %commande% %systemdrive%\mi.exe
call %commande% %systemdrive%\namn.exe
call %commande% %systemdrive%\lwqojwt.exe
call %commande% %systemdrive%\0xf9.exe
call %commande% %systemdrive%\a.bat
call %commande% %systemdrive%\abcd.exe
call %commande% %systemdrive%\ac?_????.exe
call %commande% %systemdrive%\adj.exe
call %commande% %systemdrive%\anad.exe
call %commande% %systemdrive%\a.exe
call %commande% %systemdrive%\at.exe
call %commande% %systemdrive%\AntiVirScan.exe
call %commande% %systemdrive%\auji.exe
call %commande% %systemdrive%\autorun.exe
call %commande% %systemdrive%\axexx.chm
call %commande% %systemdrive%\bdyrasbn.exe
call %commande% %systemdrive%\bvc.exe
call %commande% %systemdrive%\bsw.exe
call %commande% %systemdrive%\chwio.exe
call %commande% "%systemdrive%\Christina Aguilera.vbs"
call %commande% %systemdrive%\colpg.exe
call %commande% %systemdrive%\Colo2.exe
call %commande% %systemdrive%\crpbubf.exe
call %commande% %systemdrive%\defender???.exe
call %commande% %systemdrive%\defender??.exe
call %commande% %systemdrive%\der32.exe
call %commande% %systemdrive%\deskbar.exe
call %commande% %systemdrive%\deskbar*.exe
call %commande% %systemdrive%\dfndr*.exe
call %commande% %systemdrive%\dihd.exe
call %commande% %systemdrive%\dinst.exe
call %commande% %systemdrive%\diugwlxw.exe
call %commande% %systemdrive%\dfndrff_*.exe
call %commande% %systemdrive%\documents.exe
call %commande% %systemdrive%\dokey32.exe
call %commande% %systemdrive%\dollarrev.exe
call %commande% %systemdrive%\DXC?????.exe
call %commande3% %systemdrive%\DriverLoad\
call %commande% %systemdrive%\drsmartload.exe
call %commande% %systemdrive%\drsmartload*.exe
call %commande% %systemdrive%\dwin.exe
call %commande% %systemdrive%\DXC9.exe
call %commande% %systemdrive%\ecfcvj.exe
call %commande% %systemdrive%\eied_s7.cab
call %commande% %systemdrive%\ejybp.exe
call %commande% %systemdrive%\ev?.exe
call %commande% %systemdrive%\ex.cab
call %commande% %systemdrive%\explorer1.exe
call %commande% %systemdrive%\exo??.exe
call %commande% %systemdrive%\fastfreexx01.exe
call %commande% %systemdrive%\fjjkivnw.exe
call %commande% %systemdrive%\fthuw.exe
call %commande% %systemdrive%\fushd.exe
call %commande% %systemdrive%\fwpbamr.exe
call %commande% %systemdrive%\g.exe
call %commande% %systemdrive%\ghgk.exe
call %commande% %systemdrive%\gimmysmileys*.exe
call %commande% %systemdrive%\g7n4l2o4i4.exe
call %commande% %systemdrive%\hxdef100.exe
call %commande% %systemdrive%\hxdefdrv.sys
call %commande% %systemdrive%\handydriver.exe
call %commande% %systemdrive%\hfkmx.exe
call %commande% %systemdrive%\hgpsn.exe
call %commande% %systemdrive%\host.exe
call %commande% %systemdrive%\Installer*.exe
call %commande% %systemdrive%\kb17.exe
call %commande% %systemdrive%\kbwvqps.exe
call %commande% %systemdrive%\kwypcui.exe
call %commande% %systemdrive%\keyboard*.exe
call %commande% %systemdrive%\kybr*.exe
call %commande% %systemdrive%\kl?.exe
call %commande% %systemdrive%\kmd.exe
call %commande% %systemdrive%\knmbird.exe
call %commande% %systemdrive%\explorer.exe
call %commande% %systemdrive%\fra.exe
call %commande% %systemdrive%\host.exe
call %commande% %systemdrive%\icooloader.exe
call %commande% %systemdrive%\imwv.exe
call %commande% %systemdrive%\Installer?.exe
call %commande% %systemdrive%\lewl.exe
call %commande% %systemdrive%\powpip.exe
call %commande% %systemdrive%\mc44a?.exe
call %commande% %systemdrive%\mc44a*.exe
call %commande% %systemdrive%\M*DoxNg.exe
call %commande% %systemdrive%\Mendoza?.exe
call %commande% %systemdrive%\mediacon.exe
call %commande% %systemdrive%\mousepad*.exe
call %commande% %systemdrive%\mnmunkw.exe
call %commande% %systemdrive%\ms?.exe
call %commande% %systemdrive%\msgs.exe
call %commande% %systemdrive%\ms???.exe
call %commande% %systemdrive%\mtdx.exe
call %commande% %systemdrive%\MTE*NDI6ODoxNg.exe
call %commande% %systemdrive%\MTE*NDI6ODoxNg*.exe
call %commande% %systemdrive%\mv.exe
call %commande% %systemdrive%\my.exe
call %commande% %systemdrive%\myvbs.vbs
call %commande% %systemdrive%\nades.exe
call %commande% %systemdrive%\nergy.exe
call %commande% %systemdrive%\nds.exe
call %commande% %systemdrive%\newname*.exe
call %commande% %systemdrive%\mnswpr.exe
call %commande% %systemdrive%\msnchecke?.exe
call %commande% %systemdrive%\ntsuji.exe
call %commande% %systemdrive%\no-ip.exe
call %commande% %systemdrive%\nwnm*.exe
call %commande% %systemdrive%\*ff_??.exe
call %commande% %systemdrive%\plplo.exe
call %commande% %systemdrive%\pp4ico.exe
call %commande% %systemdrive%\PPL.exe
call %commande% %systemdrive%\Program?.exe
call %commande% %systemdrive%\prosys32.exe
call %commande% %systemdrive%\qhyo.exe
call %commande% %systemdrive%\qkqqx.exe
call %commande% %systemdrive%\q?win32.exe
call %commande% %systemdrive%\Ralia Odinga.exe
call %commande% %systemdrive%\Ralia Odinga.pif
call %commande% %systemdrive%\RDFX?.exe
call %commande% %systemdrive%\secure32.html
call %commande% %systemdrive%\setup.exe
call %commande% %systemdrive%\soqc.exe
call %commande% %systemdrive%\sk??.exe
call %commande% %systemdrive%\smss.exe
call %commande% %systemdrive%\stub_*_?_?_*.exe
call %commande% %systemdrive%\SSVICHOSST.exe
call %commande% %systemdrive%\system.exe
call %commande% %systemdrive%\t9.exe
call %commande% %systemdrive%\timed.exe
call %commande% %systemdrive%\tool?.exe
call %commande% %systemdrive%\setup.exe
call %commande% %systemdrive%\sxe?.tmp
call %commande% %systemdrive%\SnowballWarsInstaller.exe
call %commande% %systemdrive%\SS1001newer.exe
call %commande% %systemdrive%\stub_*newer.exe
call %commande% %systemdrive%\StubInstaller.exe
call %commande% %systemdrive%\svbgk.exe
call %commande% %systemdrive%\syst.exe
call %commande% %systemdrive%\t.inx
call %commande% %systemdrive%\us00.exe
call %commande% %systemdrive%\??.xls.exe
call %commande3% %systemdrive%\spywarevanisher-free\
call %commande% %systemdrive%\Trelew.exe
call %commande% %systemdrive%\ubegvnq.exe
call %commande% %systemdrive%\ucmoreiex.exe
call %commande% %systemdrive%\uniq
call %commande% %systemdrive%\UNMT.EXE
call %commande% %systemdrive%\upd.exe
call %commande% %systemdrive%\uy*.exe
call %commande% %systemdrive%\Veracruz.exe
call %commande% %systemdrive%\vhsot.exe
call %commande% %systemdrive%\VSL02.exe
call %commande% %systemdrive%\xaouye.exe
call %commande% %systemdrive%\yuka.exe
call %commande% %systemdrive%\wacky2.exe
call %commande% %systemdrive%\warebundlenewer.exe
call %commande% %systemdrive%\whwktfw.exe
call %commande% %systemdrive%\willpolo.vbs
call %commande% %systemdrive%\wjfi.exe
call %commande% %systemdrive%\wodc.exe
call %commande% %systemdrive%\wouvwd.exe
call %commande% %systemdrive%\WHCC2.exe
call %commande% %systemdrive%\WHCC?.exe
call %commande% %systemdrive%\winde.exe
call %commande% %systemdrive%\windeh.exe
call %commande% %systemdrive%\windows.exe
call %commande% %systemdrive%\windows_e??.exe
call %commande% %systemdrive%\winstall.exe
call %commande% %systemdrive%\winsys.exe
call %commande% %systemdrive%\wksv.exe
call %commande% %systemdrive%\wordpad.exe
call %commande% %systemdrive%\yz02.exe
call %commande% %systemdrive%\xinstall.exe
call %commande% %systemdrive%\xxx.exe
call %commande% %systemdrive%\RECYCLER\te32.exe
call %commande% %systemdrive%\RECYCLER\nvscvse.exe
call %commande% %systemdrive%\fatsy.exe
call %commande% %systemdrive%\ff.exe
call %commande% %systemdrive%\ffvgs.exe
call %commande% %systemdrive%\fs.exe
echo. >> %systemdrive%\rapport_clean.txt
echo *** %action% %desfichiers% %windir%\ >> %systemdrive%\rapport_clean.txt
call %commande% %windir%\3030.exe
call %commande% %windir%\ABox.exe
call %commande% %windir%\addbm32.exe
call %commande% %windir%\addbq.exe
call %commande% %windir%\addeb.exe
call %commande% %windir%\addfk.exe
call %commande% %windir%\addgc32.exe
call %commande% %windir%\addhp32.exe
call %commande% %windir%\addnp.exe
call %commande% %windir%\addtj.exe
call %commande% %windir%\addux32.exe
call %commande% %windir%\addxx32.exe
call %commande% %windir%\addyh32.exe
call %commande% %windir%\addyq32.exe
call %commande% %windir%\ad.html
call %commande% %windir%\AdobeR.exe
call %commande% %windir%\a.exe
call %commande% %windir%\ahcb.exe
call %commande% %windir%\aim.exe
call %commande% %windir%\aims.exe
call %commande% %windir%\alchem.exe
call %commande% %windir%\ALCXMNTR.EXE
call %commande% %windir%\alfa.exe
call %commande% %windir%\algs.exe
call %commande% %windir%\AntiAdwa.exe
call %commande% %windir%\apiab.exe
call %commande% %windir%\apibw.exe
call %commande% %windir%\apicq32.exe
call %commande% %windir%\apiim.exe
call %commande% %windir%\apiiz32.exe
call %commande% %windir%\apijn.exe
call %commande% %windir%\apikw.exe
call %commande% %windir%\apilz32.exe
call %commande% %windir%\apios.exe
call %commande% %windir%\apirf32.exe
call %commande% %windir%\apiug32.exe
call %commande% %windir%\apixc.exe
call %commande% %windir%\apixl32.exe
call %commande% %windir%\apize.exe
call %commande% %windir%\app??32.exe
call %commande% %windir%\appbl.exe
call %commande% %windir%\appdm.exe
call %commande% %windir%\appee32.exe
call %commande% %windir%\appfe32.exe
call %commande% %windir%\appge.exe
call %commande% %windir%\apphf32.exe
call %commande% %windir%\apphx.exe
call %commande% %windir%\appir32.exe
call %commande% %windir%\apppn32.exe
call %commande% %windir%\appqd32.exe
call %commande% %windir%\apprs32.exe
call %commande% %windir%\appuk.exe
call %commande% %windir%\appvh32.exe
call %commande% %windir%\appyj32.exe
call %commande% %windir%\atapi32.exe
call %commande% %windir%\atlae.exe
call %commande% %windir%\atlda.exe
call %commande% %windir%\atlfx.exe
call %commande% %windir%\atlgu32.exe
call %commande% %windir%\atljk32.exe
call %commande% %windir%\atllk32.exe
call %commande% %windir%\atlmi.exe
call %commande% %windir%\atloe32.exe
call %commande% %windir%\atlsg.exe
call %commande% %windir%\atlui32.exe
call %commande% %windir%\atlur32.exe
call %commande% %windir%\atlvo32.exe
call %commande% %windir%\atlxz.exe
call %commande% %windir%\atlzc.exe
call %commande% %windir%\avserve2.exe
call %commande% %windir%\avserve.exe
call %commande% %windir%\axdcfasb.exe
call %commande% %windir%\bargain4.exe
call %commande% %windir%\bbchk.exe
call %commande% %windir%\BBSTORE\DSS\DSSAGENT.EXE
call %commande% %windir%\bddkanse.exe
call %commande3% %windir%\bsx32\
call %commande% %windir%\cfg32.exe
call %commande% %windir%\lsvr.exe
call %commande% %windir%\ltdmgr.exe
call %commande% %windir%\mwsvm.dat
call %commande% %windir%\pmr.bin
call %commande% %windir%\pmr.exe
call %commande% %windir%\pmr.ocx
call %commande% %windir%\psi.ocx
call %commande% %windir%\pslauncher.exe
call %commande% %windir%\psocx.cab
call %commande% %windir%\pssetup.exe
call %commande% %windir%\urls.bin
call %commande% %windir%\vs.bin
call %commande% %windir%\vurls.bin
call %commande% %windir%\cfg32a.exe
call %commande% %windir%\CheckS02.exe
call %commande% %windir%\checkers?.exe
call %commande% %windir%\clmss.exe
call %commande% %windir%\config.exe
call %commande% %windir%\construct.exe
call %commande% %windir%\country.exe
call %commande% %windir%\crai32.exe
call %commande% %windir%\crat.exe
call %commande% %windir%\crdl32.exe
call %commande% %windir%\crdp.exe
call %commande% %windir%\crgl32.exe
call %commande% %windir%\crgz.exe
call %commande% %windir%\crii.exe
call %commande% %windir%\crip.exe
call %commande% %windir%\crlj.exe
call %commande% %windir%\crlq.exe
call %commande% %windir%\crng32.exe
call %commande% %windir%\crqq32.exe
call %commande% %windir%\crrs.exe
call %commande% %windir%\crsst.exe
call %commande% %windir%\crsq.exe
call %commande% %windir%\crtd32.exe
call %commande% %windir%\crvw32.exe
call %commande% %windir%\crwk.exe
call %commande% %windir%\crxz.exe
call %commande% %windir%\csmss.exe
call %commande% %windir%\csrs.exe
call %commande% %windir%\csrss.exe
call %commande% %windir%\cywin.exe
call %commande% %windir%\D1rectX.exe
call %commande% %windir%\d3bi.exe
call %commande% %windir%\d3cg.exe
call %commande% %windir%\d3dc32.exe
call %commande% %windir%\d3gf.exe
call %commande% %windir%\d3gk.exe
call %commande% %windir%\d3gy.exe
call %commande% %windir%\d3kr32.exe
call %commande% %windir%\d3ma.exe
call %commande% %windir%\d3mf32.exe
call %commande% %windir%\d3mv32.exe
call %commande% %windir%\d3qg32.exe
call %commande% %windir%\d3qt.exe
call %commande% %windir%\d3sm32.exe
call %commande% %windir%\d3sw.exe
call %commande% %windir%\d3sx32.exe
call %commande% %windir%\d3vs.exe
call %commande% %windir%\d3xc.exe
call %commande% %windir%\d3yy.exe
call %commande% %windir%\dbg32hlp.exe
call %commande% %windir%\dcznetv2.exe
call %commande% %windir%\devldr32.exe
call %commande% %windir%\dinst.exe
call %commande% %windir%\directx.exe
call %commande% %windir%\Dispatcher.exe
call %commande% %windir%\dlhost.exe
call %commande% %windir%\dloader.exe
call %commande% %windir%\dollar.exe
call %commande% %windir%\dov?.exe
call %commande% %windir%\Download\svhost32.exe
call %commande% %windir%\dr.exe
call %commande% %windir%\drsmartload*.dat
call %commande% %windir%\dsrss.exe
call %commande% %windir%\Duce?.exe
call %commande% %windir%\DWWIN.EXE
call %commande% %windir%\easy.exe
call %commande% %windir%\eksplorasi.exe
call %commande% %windir%\eiRecvr.exe
call %commande% %windir%\ecRecvr.exe
call %commande% %windir%\edit.exe
call %commande% %windir%\etc\services.exe
call %commande% %windir%\eimsn.exe
call %commande% %windir%\ev.exe
call %commande% %windir%\exclean.exe
call %commande% %windir%\exdl.exe
call %commande3% %windir%\exefld\
call %commande% %windir%\extel.exe
call %commande% %windir%\exul.exe
call %commande% %windir%\fi49.exe
call %commande% %windir%\firefox.exe
call %commande% %windir%\firewall_anti.exe
call %commande% %windir%\Fonts\FontInstallOnce.vbs
call %commande% %windir%\FREECELL.EXE
call %commande% %windir%\fswinsys.exe
call %commande% %windir%\fuegxvm?.exe
call %commande% %windir%\gen2.exe
call %commande% %windir%\getnexus.exe
call %commande% %windir%\gimmygames.dat
call %commande% %windir%\hdisk.exe
call %commande% %windir%\HelperVer.exe
call %commande% %windir%\Help\SPAlert.chm
call %commande% %windir%\help\svchost.exe
call %commande% %windir%\Help\internat.exe
call %commande% %windir%\Help\ipconfig.sys
call %commande% %windir%\Help\lsass.exe
call %commande% %windir%\Help\rundll32.exe
Call %commande% %windir%\Hostren.exe
Call %commande% %windir%\ho2stdll.exe
call %commande% %windir%\icont.exe
call %commande% %windir%\iecw.exe
call %commande% %windir%\iedh.exe
call %commande% %windir%\iehh32.exe
call %commande% %windir%\ieif.exe
call %commande% %windir%\iejs32.exe
call %commande% %windir%\iejt.exe
call %commande% %windir%\iepd32.exe
call %commande% %windir%\SetPoint.exe
call %commande% %windir%\CDSpeed.exe
call %commande% %windir%\iepb32.exe
call %commande% %windir%\iepq.exe
call %commande% %windir%\iesp.exe
call %commande% %windir%\ieuc.exe
call %commande% %windir%\ieunst.exe
call %commande% %windir%\IEXPL0RE.exe
call %commande% %windir%\iexpl0res.exe
call %commande% %windir%\iiexplorer.exe
call %commande% %windir%\image.exe
call %commande% %windir%\INETSVC.EXE
call %commande% %windir%\imsn.exe
call %commande% %windir%\instr32.exe
call %commande% %windir%\instr64.exe
call %commande% %windir%\windebug.log
call %commande% %windir%\windebug.log
call %commande% %windir%\Intel\rundll32.exe
call %commande% %windir%\internet.exe
call %commande% %windir%\internt.exe
call %commande% %windir%\ipbr.exe
call %commande% %windir%\ipca32.exe
call %commande% %windir%\ipfg.exe
call %commande% %windir%\ipgk32.exe
call %commande% %windir%\iphf.exe
call %commande% %windir%\iphq32.exe
call %commande% %windir%\ipia.exe
call %commande% %windir%\ipnc32.exe
call %commande% %windir%\ippv.exe
call %commande% %windir%\ipqe.exe
call %commande% %windir%\ipsg32.exe
call %commande% %windir%\iptp32.exe
call %commande% %windir%\ipuy32.exe
call %commande% %windir%\ipv7.exe
call %commande% %windir%\ipzg.exe
call %commande% %windir%\eras.exe
call %commande% %windir%\irdvxc.exe
call %commande% %windir%\iTunesMusic.exe
call %commande% %windir%\javaab.exe
call %commande% %windir%\javaiq.exe
call %commande% %windir%\javaje32.exe
call %commande% %windir%\javanq.exe
call %commande% %windir%\javapanel.exe
call %commande% %windir%\javapt.exe
call %commande% %windir%\javapw32.exe
call %commande% %windir%\javarl.exe
call %commande% %windir%\javasc32.exe
call %commande% %windir%\javatc32.exe
call %commande% %windir%\javavk32.exe
call %commande% %windir%\javayc32.exe
call %commande% %windir%\Jwintask.com
call %commande% %windir%\k4nv.exe
call %commande% %windir%\winsystems.exe
call %commande% %windir%\keyboard*.dat
call %commande% %windir%\keyboard*.exe
call %commande% %windir%\kl?.exe
call %commande% %windir%\loadadv???.exe
call %commande% %windir%\logon.exe
call %commande% %windir%\LOOP.exe
call %commande% %windir%\lsa.exe
call %commande% %windir%\lsass.exe
call %commande% %windir%\lsf.exe
call %commande% "%windir%\Matrix Code.exe"
call %commande% %windir%\ma.exe.exe
call %commande% %windir%\mc-???-??-???????.exe
call %commande% %windir%\Messenger.exe
call %commande% %windir%\mfcdr32.exe
call %commande% %windir%\mfchs32.exe
call %commande% %windir%\mfcij.exe
call %commande% %windir%\mfcmb.exe
call %commande% %windir%\mfcph32.exe
call %commande% %windir%\mfcqf32.exe
call %commande% %windir%\mfcqs.exe
call %commande% %windir%\mfcrf32.exe
call %commande% %windir%\mfcrs.exe
call %commande% %windir%\mfcrt.exe
call %commande% %windir%\mfcsz.exe
call %commande% %windir%\microsoft kit\lsass.com
call %commande% %windir%\modlb.exe
call %commande% %windir%\mousepad*.exe
call %commande% %windir%\MSAV32.exe
call %commande% %windir%\mrjj.exe
call %commande% %windir%\mscdex32.exe
call %commande% %windir%\msconfig32.exe
call %commande% %windir%\mscu.exe
call %commande% %windir%\msdnupdate32.exe
call %commande% %windir%\msdo32.exe
call %commande% %windir%\msdpy.exe
call %commande% %windir%\msdvd.exe
call %commande% %windir%\ms?????????-??.exe
call %commande% %windir%\ms?.exe
call %commande% %windir%\msfa.exe
call %commande% %windir%\MSHEARTS.EXE
call %commande% %windir%\msiconfig.exe
call %commande% %windir%\msij.exe
call %commande% %windir%\msit32.exe
call %commande% %windir%\msku32.exe
call %commande% %windir%\msmedia32.exe
call %commande% %windir%\MSmedia.exe
call %commande% %windir%\msnchecker.exe
call %commande% %windir%\msncomm.exe
call %commande% %windir%\msnd32.exe
call %commande% %windir%\msnet32.exe
call %commande% %windir%\msnlogm.exe
call %commande% %windir%\msnlogs.exe
call %commande% %windir%\msnsrv.exe
call %commande% %windir%\msoevc.exe
call %commande% %windir%\msol32.exe
call %commande% %windir%\msol.exe
call %commande% %windir%\mspath.exe
call %commande% %windir%\mspathfinder.exe
call %commande% %windir%\mspg32.exe
call %commande% %windir%\Mstray.exe
call %commande% %windir%\mssmbios.exe
call %commande% %windir%\msstl.exe
call %commande% %windir%\mssuite.exe
call %commande% %windir%\msudpspc.exe
call %commande% %windir%\msuk32.exe
call %commande% %windir%\msupdate24.exe
call %commande% %windir%\msvc.exe
call %commande% %windir%\msvcrt.exe
call %commande% %windir%\mswindll32.exe
call %commande% %windir%\mswo32.exe
call %commande% %windir%\mswr32.exe
call %commande% %windir%\msxct.exe
call %commande% %windir%\MT??ND???DoxNg.exe
call %commande% %windir%\Mws.exe
call %commande% %windir%\mxd.exe
call %commande% %windir%\mxedez.exe
call %commande% %windir%\N0rtan.exe
call %commande% %windir%\NDNuninstall?_??.exe
call %commande% %windir%\netce32.exe
call %commande% %windir%\netconf32.exe
call %commande% %windir%\netdl32.exe
call %commande% %windir%\netinfo.exe
call %commande% %windir%\netku.exe
call %commande% %windir%\netnd.exe
call %commande% %windir%\netpn32.exe
call %commande% %windir%\netrg.exe
call %commande% %windir%\netrm32.exe
call %commande% %windir%\netsz32.exe
call %commande% %windir%\NETVISION.exe
call %commande% %windir%\netwh32.exe
call %commande% %windir%\netyu.exe
call %commande% %windir%\netzj.exe
call %commande% %windir%\newfrn.exe
call %commande% %windir%\newname.dat
call %commande% %windir%\newname*.dat
call %commande% %windir%\newname*.exe
call %commande% %windir%\nlc.exe
call %commande% %windir%\ntan.exe
call %commande% %windir%\ntba32.exe
call %commande% %windir%\ntbg32.exe
call %commande% %windir%\ntgu.exe
call %commande% %windir%\nths32.exe
call %commande% %windir%\ntjb32.exe
call %commande% %windir%\ntkh32.exe
call %commande% %windir%\ntks32.exe
call %commande% %windir%\NT\nrcs.exe
call %commande% %windir%\ntod32.exe
call %commande% %windir%\ntpg.exe
call %commande% %windir%\ntrv.exe
call %commande% %windir%\ntsg32.exe
call %commande% %windir%\ntsys32.exe
call %commande% %windir%\ntvo.exe
call %commande% %windir%\ntvx32.exe
call %commande% %windir%\ntvy.exe
call %commande% %windir%\ntws32.exe
call %commande% %windir%\ntyf32.exe
call %commande% %windir%\ntyk32.exe
call %commande% %windir%\ntze32.exe
call %commande% %windir%\offun.exe
call %commande% %windir%\osaupd.exe
call %commande% %windir%\pp.exe
call %commande% %windir%\pp.exe.exe
call %commande% %windir%\Passepartout.exe
call %commande% %windir%\patcher.exe
call %commande% %windir%\paytime.exe
call %commande% %windir%\pc.exe
call %commande% %windir%\PING.EXE
call %commande% %windir%\plugin.exe
call %commande% %windir%\plugnplay.exe
call %commande% %windir%\pmsngere.exe
call %commande% %windir%\pnpasn32.exe
call %commande% "%windir%\Poker 770 setup.exe"
call %commande% %windir%\pwnsvc.exe
call %commande% %windir%\qaz4.txt
call %commande% %windir%\qtask.exe
call %commande% %windir%\rdt.ini
call %commande% %windir%\regdll.exe
call %commande% %windir%\regprc32.bat
call %commande% %windir%\revpzcw.exe
call %commande% %windir%\rofl.exe
call %commande% %windir%\ROUTE.EXE
call %commande% %windir%\Router.exe
call %commande% %windir%\rqqsnd.exe
call %commande% %windir%\rucnmlg?.exe
call %commande% %windir%\rundlI32.exe
call %commande% %windir%\RUNXMLPL.exe
call %commande% %windir%\rzrunins.exe
call %commande% %windir%\satmat.exe
call %commande% %windir%\sc.exe
call %commande% %windir%\scvhost.exe
call %commande% %windir%\sdfdil.exe
call %commande% %windir%\sdkbo.exe
call %commande% %windir%\sdkcd.exe
call %commande% %windir%\sdkgb.exe
call %commande% %windir%\sdkhu32.exe
call %commande% %windir%\sdknn32.exe
call %commande% %windir%\sdkre32.exe
call %commande% %windir%\sdksm32.exe
call %commande% %windir%\sdktemp.exe
call %commande% %windir%\sdkti32.exe
call %commande% %windir%\sdkuz.exe
call %commande% %windir%\securidel.exe
call %commande% %windir%\server.exe
call %commande% %windir%\Service.exe
call %commande% %windir%\services32.exe
call %commande% %windir%\services.exe
call %commande% %windir%\Session.exe
call %commande% %windir%\SexNow!.exe
call %commande% %windir%\shch.exe
call %commande% %windir%\ShellNew\sempalong.exe
call %commande% %windir%\shost.exe
call %commande% %windir%\sla.exe
call %commande% %windir%\smdat32m.sys
call %commande% %windir%\smsc.exe
call %commande% %windir%\smsmanger.exe
call %commande% %windir%\smss.exe
call %commande% %windir%\sndvol32.exe
call %commande% %windir%\socketx113.sys
call %commande% %windir%\soft.exe
call %commande% %windir%\SOL.EXE
call %commande% %windir%\spdauth.exe
call %commande% %windir%\spool\newdr.exe
call %commande% %windir%\spread.exe
call %commande% %windir%\sql-dgm.exe
call %commande% %windir%\srv32.exe
call %commande% %windir%\srvc32.exe
call %commande% %windir%\srvsc.exe
call %commande% %windir%\svahost.exe
call %commande% %windir%\svch0st.exe
call %commande% %windir%\svch0stra.exe
call %commande% %windir%\svchost.exe
call %commande% %windir%\svcproc.exe
call %commande% %windir%\svehost32.exe
call %commande% %windir%\sysbm.exe
call %commande% %windir%\SYSC00.exe
call %commande% %windir%\syscd32.exe
call %commande% %windir%\syscq.exe
call %commande% %windir%\syscu.exe
call %commande% %windir%\sysdat.exe
call %commande% %windir%\sysem32.exe
call %commande% %windir%\sys??-????????.exe
call %commande% %windir%\sys???????????.exe
call %commande% %windir%\sysfo.exe
call %commande% %windir%\svshost.exe
call %commande% %windir%\syshg.exe
call %commande% %windir%\sysjf32.exe
call %commande% %windir%\sysjv32.exe
call %commande% %windir%\sysko32.exe
call %commande% %windir%\syskr32.exe
call %commande% %windir%\sysmanager.exe
call %commande% %windir%\sysmgr64.exe
call %commande% %windir%\sysng32.exe
call %commande% %windir%\sysnn.exe
call %commande% %windir%\sysnt.exe
call %commande% %windir%\sysow32.exe
call %commande% %windir%\sysqg32.exe
call %commande% %windir%\sysqi.exe
call %commande% %windir%\sysrestore.exe
call %commande% %windir%\systay.exe
call %commande% %windir%\sv.exe
call %commande% %windir%\runsql.exe
call %commande% %windir%\svzip.exe
call %commande% %windir%\system32\dllcache\ageofempires.exe
call %commande% %windir%\system32\dllcache\ffchost.exe
call %commande% %windir%\system32\dllcache\msiupdate32.exe
call %commande% %windir%\system32\dllcache\ppchost.exe
call %commande% %windir%\system32\dllcache\prsc32.exe
call %commande% %windir%\system32\dllcache\wkactview.exe
call %commande% %windir%\system32\dllcache\win32\winlogon.exe
call %commande% %windir%\System32ftuninst.exe
call %commande% %windir%\System32tfthot.exe
call %commande% %windir%\system.exe
call %commande% %windir%\SYSWIN32.EXE
call %commande% %windir%\syszl32.exe
call %commande% %windir%\Tagasuarus2.exe
call %commande% %windir%\taskbar.exe
call %commande% %windir%\taskbarmngr.exe
call %commande% %windir%\taskcntr.exe
call %commande% %windir%\task.exe
call %commande% %windir%\taskmam.exe
call %commande% %windir%\tcphost.exe
call %commande3% %windir%\TEMPER
call %commande3% %windir%\this_is_system
call %commande% %windir%\teller2.chk
call %commande% %windir%\temp\mc???.tmp
call %commande% %windir%\temp_update.exe
call %commande% %windir%\temp.exe
call %commande% %windir%\timed.exe
call %commande% %windir%\toolbar.exe
call %commande% %windir%\tool?.exe
call %commande% %windir%\trustinbar.exe
call %commande% %windir%\tsecure.exe
call %commande% %windir%\ts.exe
call %commande% %windir%\UnGins.exe
call %commande% %windir%\uniq
call %commande% %windir%\uninstall\rundl132.exe
call %commande% %windir%\usnsvc.exe
call %commande% %windir%\update\updmgr.exe
call %commande% %windir%\USBSubsystem
call %commande% %windir%\user32.exe
call %commande% %windir%\userinit.exe
call %commande% %windir%\utzpnuxA
call %commande% %windir%\utzpnux.exe
call %commande% %windir%\v1201.exe
call %commande% %windir%\vi.exe
call %commande% %windir%\vsmom.exe
call %commande% %windir%\wallpap.exe
call %commande% %windir%\wfbmgr.exe
call %commande% %windir%\widupdate.exe
call %commande% %windir%\wlmsngr.exe
call %commande% %windir%\win32exec.exe
call %commande% %windir%\win325b.exe
call %commande% %windir%\win32ssr.exe
call %commande% %windir%\winamp.exe
call %commande% %windir%\wincc.exe
call %commande% %windir%\wincv.exe
call %commande% %windir%\windb.exe
call %commande% %windir%\windowsupdates.exe
call %commande% %windir%\windowsvalidation.exe
call %commande% %windir%\windupdate.exe
call %commande% %windir%\win??????-??????.exe
call %commande% %windir%\win???????-??????.exe
call %commande% %windir%\winfws.exe
call %commande% %windir%\wingm.exe
call %commande% %windir%\winhd32.exe
call %commande% %windir%\winhlep.exe
call %commande% %windir%\winik32.exe
call %commande% %windir%\winkl32.exe
call %commande% %windir%\winlog.exe
call %commande% %windir%\winlogon.exe
call %commande% %windir%\winmgc.exe
call %commande% %windir%\winmsgr.exe
call %commande% %windir%\dispatcher.exe
call %commande% %windir%\winmon.exe
call %commande% %windir%\msdrv.exe
call %commande% %windir%\winni32.exe
call %commande% %windir%\winscntrl.exe
call %commande% %windir%\Winsdl.exe
call %commande% %windir%\winsmc.exe
call %commande% %windir%\winssvc.exe
call %commande% %windir%\winsysban??.exe
call %commande% %windir%\wintd32.exe
call %commande% %windir%\WinVid32.exe
call %commande% %windir%\winyq32.exe
call %commande% %windir%\wdfmgrr.exe
call %commande% %windir%\wkssvc.exe
call %commande% %windir%\wmiapsrv.exe
call %commande% %windir%\wmsnlivexp.exe
call %commande% %windir%\WMCRRS.exe
call %commande% %windir%\wordpad.exe
call %commande% %windir%\wpablan.exe
call %commande% %windir%\wsctf.exe
call %commande% %windir%\wupdate.exe
call %commande% %windir%\wupdt.exe
call %commande% %windir%\xapqrg.exe
call %commande% %windir%\Xhrmy.exe
call %commande% %windir%\xload.exe
call %commande% %windir%\XPService.exe
call %commande% %windir%\xpupdate.exe
call %commande% %windir%\YazzleBundle-*.exe
call %commande% %windir%\yazzle.exe
call %commande% %windir%\zeta.exe
call %commande% %windir%\_zs?uninst_*.exe
call %commande3% C:\WINDOWS\TSKS~1\
call %commande3% %windir%\BDE\
call %commande3% %windir%\browserxtras\
call %commande3% %windir%\bsx32\
call %commande% %windir%\bursp.exe
call %commande% %windir%\bxproxy.exe
call %commande% %windir%\cfg32.exe
call %commande3% %windir%\EliteToolBar\
call %commande3% %windir%\help\directx.exe
call %commande3% %windir%\help\vmnetdhcp.exe
call %commande3% %windir%\INET20001\
call %commande3% %windir%\INET20002\
call %commande3% %windir%\inet20003\
call %commande3% %windir%\inet20004\
call %commande3% %windir%\inet20026
call %commande3% %windir%\inet20111\
call %commande3% %windir%\inet20126\
call %commande% %windir%\MacAfee.com
call %commande3% %windir%\mdrive\
call %commande% %windir%\mediacon.exe
call %commande3% %windir%\update\
call %commande3% %windir%\WinSecurity\
call %commande3% %windir%\winsock
call %commande% %windir%\WinSock32.exe
call %commande% "%windir%\photo album.zip"
call %commande% "%windir%\photos.zip"
call %commande% %windir%\addat32.exe
call %commande% %windir%\addbm32.exe
call %commande% %windir%\addbq.exe
call %commande% %windir%\addeb.exe
call %commande% %windir%\addfk.exe
call %commande% %windir%\addgc32.exe
call %commande% %windir%\addhp32.exe
call %commande% %windir%\addmo32.exe
call %commande% %windir%\addnp.exe
call %commande% %windir%\addof.exe
call %commande% %windir%\addtj.exe
call %commande% %windir%\addux32.exe
call %commande% %windir%\addxx32.exe
call %commande% %windir%\addyh32.exe
call %commande% %windir%\addyq32.exe
call %commande% %windir%\aimmsn.exe
call %commande% %windir%\apiab.exe
call %commande% %windir%\apicq32.exe
call %commande% %windir%\apiim.exe
call %commande% %windir%\apiiz32.exe
call %commande% %windir%\apijn.exe
call %commande% %windir%\apikw.exe
call %commande% %windir%\apilz32.exe
call %commande% %windir%\apios.exe
call %commande% %windir%\apipz.exe
call %commande% %windir%\apirf32.exe
call %commande% %windir%\apiug32.exe
call %commande% %windir%\apixc.exe
call %commande% %windir%\apixl32.exe
call %commande% %windir%\apize.exe
call %commande% %windir%\appbl.exe
call %commande% %windir%\appee32.exe
call %commande% %windir%\appfe32.exe
call %commande% %windir%\appge.exe
call %commande% %windir%\apphf32.exe
call %commande% %windir%\apphx.exe
call %commande% %windir%\appir32.exe
call %commande% %windir%\apppn32.exe
call %commande% %windir%\appqd32.exe
call %commande% %windir%\apprs32.exe
call %commande% %windir%\appuk.exe
call %commande% %windir%\appva32.exe
call %commande% %windir%\appvh32.exe
call %commande% %windir%\atlae.exe
call %commande% %windir%\atlda.exe
call %commande% %windir%\atlfx.exe
call %commande% %windir%\atlgu32.exe
call %commande% %windir%\atljk32.exe
call %commande% %windir%\atllk32.exe
call %commande% %windir%\atlmi.exe
call %commande% %windir%\atloe32.exe
call %commande% %windir%\atlsg.exe
call %commande% %windir%\atlui32.exe
call %commande% %windir%\atlur32.exe
call %commande% %windir%\atlvo32.exe
call %commande% %windir%\atlxz.exe
call %commande% %windir%\atlzc.exe
call %commande% %windir%\aswboot.exe
call %commande% %windir%\BDE\Cache\bdeclean.exe
call %commande% %windir%\BDE\b3dsetup.exe
call %commande% %windir%\BDE\bdeclean.exe
call %commande3% %windir%\cdmweb\
call %commande% %windir%\crai32.exe
call %commande% %windir%\crdl32.exe
call %commande% %windir%\crdp.exe
call %commande% %windir%\crgl32.exe
call %commande% %windir%\crii.exe
call %commande% %windir%\crlj.exe
call %commande% %windir%\crlq.exe
call %commande% %windir%\crng32.exe
call %commande% %windir%\crny.exe
call %commande% %windir%\crqq32.exe
call %commande% %windir%\crrs.exe
call %commande% %windir%\crtd32.exe
call %commande% %windir%\crvw32.exe
call %commande% %windir%\crwk.exe
call %commande% %windir%\crxu32.exe
call %commande% %windir%\crxz.exe
call %commande% %windir%\cryi.exe
call %commande% %windir%\Cursors\aim6.exe
call %commande% %windir%\Cursors\GbpSvc.exe
call %commande% %windir%\Cursors\Rg2catbd.exe
call %commande% %windir%\Ndtstat.exe
call %commande% %windir%\Cursors\Ndtstat.exe
call %commande% %windir%\udll.exe
call %commande% %windir%\mdll.exe
call %commande% %windir%\Cursors\udll.exe
call %commande% %windir%\Cursors\mdll.exe
call %commande% %windir%\d3bi.exe
call %commande% %windir%\d3bw32.exe
call %commande% %windir%\d3cg.exe
call %commande% %windir%\d3dc32.exe
call %commande% %windir%\d3gf.exe
call %commande% %windir%\d3gk.exe
call %commande% %windir%\d3gy.exe
call %commande% %windir%\d3kr32.exe
call %commande% %windir%\d3ma.exe
call %commande% %windir%\d3mf32.exe
call %commande% %windir%\d3mv32.exe
call %commande% %windir%\d3qg32.exe
call %commande% %windir%\d3qt.exe
call %commande% %windir%\d3sm32.exe
call %commande% %windir%\d3sq.exe
call %commande% %windir%\d3sw.exe
call %commande% %windir%\d3sx32.exe
call %commande% %windir%\d3vs.exe
call %commande% %windir%\d3xc.exe
call %commande% %windir%\d3yy.exe
call %commande% %windir%\EDpbw.exe
call %commande% %windir%\dnscleaner.exe
call %commande% %windir%\encrits.exe
call %commande% %windir%\hotporn.exe
call %commande% %windir%\iecw.exe
call %commande% %windir%\iedh.exe
call %commande% %windir%\iehh32.exe
call %commande% %windir%\ieif.exe
call %commande% %windir%\iejs32.exe
call %commande% %windir%\iepd32.exe
call %commande% %windir%\iepq.exe
call %commande% %windir%\iesp32.exe
call %commande% %windir%\iesp.exe
call %commande% %windir%\ieuc.exe
call %commande% %windir%\ipbr.exe
call %commande% %windir%\ipca32.exe
call %commande% %windir%\ipfg.exe
call %commande% %windir%\ipgk32.exe
call %commande% %windir%\iphq32.exe
call %commande% %windir%\ipia.exe
call %commande% %windir%\ipmx32.exe
call %commande% %windir%\ipnc32.exe
call %commande% %windir%\ippv.exe
call %commande% %windir%\ipqe.exe
call %commande% %windir%\ipsg32.exe
call %commande% %windir%\iptp32.exe
call %commande% %windir%\ipuy32.exe
call %commande% %windir%\ipyw.exe
call %commande% %windir%\javaab.exe
call %commande% %windir%\javabo32.exe
call %commande% %windir%\javaiq.exe
call %commande% %windir%\javaje32.exe
call %commande% %windir%\javanq.exe
call %commande% %windir%\javapt.exe
call %commande% %windir%\javapw32.exe
call %commande% %windir%\javarl.exe
call %commande% %windir%\javasc32.exe
call %commande% %windir%\javatc32.exe
call %commande% %windir%\javavk32.exe
call %commande% %windir%\javayc32.exe
call %commande% %windir%\mfcdr32.exe
call %commande% %windir%\mfcfk32.exe
call %commande% %windir%\mfchs32.exe
call %commande% %windir%\mfcij.exe
call %commande% %windir%\mfcmb.exe
call %commande% %windir%\mfcph32.exe
call %commande% %windir%\mfcqf32.exe
call %commande% %windir%\mfcqr.exe
call %commande% %windir%\mfcqs.exe
call %commande% %windir%\mfcrf32.exe
call %commande% %windir%\mfcrs.exe
call %commande% %windir%\mfcrt.exe
call %commande% %windir%\mfcsz.exe
call %commande% %windir%\ml.exe
call %commande% %windir%\mmpopoct.exe
call %commande% %windir%\msdo32.exe
call %commande% %windir%\msfa.exe
call %commande% %windir%\msgy32.exe
call %commande% %windir%\msij.exe
call %commande% %windir%\msit32.exe
call %commande% %windir%\msku32.exe
call %commande% %windir%\msimn.exe
call %commande% %windir%\mslog.exe
call %commande% %windir%\msnmsgr.exe
call %commande% %windir%\msnd32.exe
call %commande% %windir%\msol32.exe
call %commande% %windir%\msol.exe
call %commande% %windir%\mspg32.exe
call %commande% %windir%\msuk32.exe
call %commande% %windir%\mswo32.exe
call %commande% %windir%\mswr32.exe
call %commande% %windir%\netce32.exe
call %commande% %windir%\netdl32.exe
call %commande% %windir%\netku.exe
call %commande% %windir%\netnd.exe
call %commande% %windir%\netrg.exe
call %commande% %windir%\netrm32.exe
call %commande% %windir%\netsz32.exe
call %commande% %windir%\netwh32.exe
call %commande% %windir%\netyu.exe
call %commande% %windir%\netzj.exe
call %commande% %windir%\ntan.exe
call %commande% %windir%\ntba32.exe
call %commande% %windir%\ntbg32.exe
call %commande% %windir%\ntdz.exe
call %commande% %windir%\ntgu.exe
call %commande% %windir%\nths32.exe
call %commande% %windir%\ntjb32.exe
call %commande% %windir%\ntkh32.exe
call %commande% %windir%\ntks32.exe
call %commande% %windir%\ntod32.exe
call %commande% %windir%\ntpg.exe
call %commande% %windir%\ntrv.exe
call %commande% %windir%\ntsg32.exe
call %commande% %windir%\ntvo.exe
call %commande% %windir%\ntvx32.exe
call %commande% %windir%\ntws32.exe
call %commande% %windir%\ntxz32.exe
call %commande% %windir%\ntyf32.exe
call %commande% %windir%\ntze32.exe
call %commande% %windir%\offun.exe
call %commande% %windir%\per.exe
call %commande% %windir%\pwr.exe
call %commande% %windir%\pwrs.exe
call %commande% %windir%\rundll.exe
call %commande% %windir%\svhoster.exe
call %commande% %windir%\sv.exe
call %commande% %windir%\svzip.exe
call %commande% %windir%\runsql.exe
call %commande% %windir%\svc.exe
call %commande% %windir%\sig1.exe
call %commande% %windir%\shicoxp.exe
call %commande% %windir%\spoolersv.exe
call %commande% %windir%\sdkbo.exe
call %commande% %windir%\sdkcd.exe
call %commande% %windir%\sdkhu32.exe
call %commande% %windir%\sdknn32.exe
call %commande% %windir%\sdkre32.exe
call %commande% %windir%\sdksm32.exe
call %commande% %windir%\sdkti32.exe
call %commande% %windir%\sdkuz.exe
call %commande% %windir%\sdkwy32.exe
call %commande% %windir%\SSVICHOSST.exe
call %commande% %windir%\system32\service\navupdt2.exe
call %commande% %windir%\system32\service\services.exe
call %commande% %windir%\sysbm.exe
call %commande% %windir%\syscd32.exe
call %commande% %windir%\syscq.exe
call %commande% %windir%\syscu.exe
call %commande% %windir%\sysem32.exe
call %commande% %windir%\sysfo.exe
call %commande% %windir%\syshg.exe
call %commande% %windir%\sysjf32.exe
call %commande% %windir%\sysjv32.exe
call %commande% %windir%\sysjy32.exe
call %commande% %windir%\sysko32.exe
call %commande% %windir%\sysng32.exe
call %commande% %windir%\sysnn.exe
call %commande% %windir%\sysqg32.exe
call %commande% %windir%\sysqi.exe
call %commande% %windir%\sysvt32.exe
call %commande% %windir%\syszl32.exe
call %commande% %windir%\t\services.exe
call %commande% %windir%\t\mmx906.exe
call %commande% %windir%\Taskend.exe
call %commande% %windir%\teller2.chk
call %commande% %windir%\vuaudc.exe
call %commande% %windir%\winax32.exe
call %commande% %windir%\wincc.exe
call %commande% %windir%\wincv.exe
call %commande% %windir%\windb.exe
call %commande% %windir%\wingm.exe
call %commande% %windir%\winhd32.exe
call %commande% %windir%\winik32.exe
call %commande% %windir%\winkl32.exe
call %commande% %windir%\winhlp.exe
call %commande% %windir%\winhlp32.dat
call %commande% %windir%\winservicehost.exe
call %commande% %windir%\wintech.exe
call %commande% %windir%\winmgr.exe
call %commande% %windir%\winni32.exe
call %commande% %windir%\wintd32.exe
call %commande% %windir%\winug32.exe
call %commande% %windir%\winul32.exe
call %commande% %windir%\winunins.exe
call %commande% %windir%\winvu32.exe
call %commande% %windir%\ying.exe
call %commande% %windir%\XEYU.EXE
call %commande% %windir%\XSFR.EXE
call %commande% %windir%\STRAD.EXE
call %commande% %windir%\ZSER.EXE
call %commande% %windir%\A1.EXE
call %commande% %windir%\S1.EXE
call %commande% %windir%\system32\D1.EXE
call %commande% %windir%\system32\SYSARC.EXE
call %commande% %windir%\system32\F1.EXE
call %commande% %windir%\system32\Ttt.exe
call %commande% %windir%\Avconsol.exe
call %commande% %windir%\Zap.exe
call %commande% %windir%\system32\Hide32.exe
call %commande% %windir%\Strad.exe
call %commande% %windir%\Zser.exe
call %commande% %windir%\system32\Xeyu.exe
call %commande% %windir%\system32\Xsfr.exe
rem call %commande% %windir%\win??????????????.exe
echo. >> %systemdrive%\rapport_clean.txt
echo *** %action% %desfichiers% %windir%\system32 >> %systemdrive%\rapport_clean.txt
call %commande% %windir%\system\a.exe
call %commande% %windir%\system\services.exe
call %commande% %windir%\system32\2???_2?.dll
call %commande% %windir%\system32\?????_netapi.exe
call %commande% %windir%\system32\a.exe
call %commande% %windir%\system32\alfa.exe
call %commande% %windir%\system32\alt.exe
call %commande% %windir%\system32\angelex.exe
call %commande% %windir%\System32\wapisvit.exe
call %commande% %windir%\System32\regedit.com
call %commande% %windir%\System32\cmd.com
call %commande% %windir%\System32\tasklist.com
call %commande% %windir%\System32\taskkill.com
call %commande% %windir%\System32\tracert.com
call %commande% %windir%\System32\ping.com
call %commande% %windir%\System32\netstat.com
call %commande% %windir%\service\services.exe
call %commande% %windir%\service\navupdt2.exe
call %commande% %windir%\rqqsnd.exe
call %commande% %windir%\system\taskmam.exe
call %commande% %windir%\install.exe
call %commande% %windir%\Cursors\yong.exe
call %commande% %windir%\msnmsgr1.exe
call %commande% %windir%\msnmsgr2.exe
call %commande% %windir%\system\msnmsgr.cmd
call %commande% %windir%\system\down32.cmd
call %commande% %windir%\system32\icpldrvx.js
call %commande2% %windir%\system32\dllvirtual.dll
call %commande% %windir%\system32\dllvirtual.js
call %commande2% %windir%\system32\syshosts.dll
call %commande2% %windir%\system32\syshelps.dll
call %commande% %windir%\album.zip
call %commande% %windir%\system32\_taskmrg.exe
call %commande% %windir%\system32\1010s.exe
call %commande% %windir%\system32\_mzu_stonedrv?.exe
call %commande% %windir%\system32\1024\*.tmp
call %commande% %windir%\system32\aa.exe.exe
call %commande% %windir%\system32\ABC.EXE
call %commande% %windir%\system32\acroup32.exe
call %commande3% %windir%\system32\AdCache
call %commande3% %windir%\system32\algsrv.exe
call %commande3% %windir%\system32\alserv32.exe
call %commande% %windir%\system32\adchkr.exe
call %commande% %windir%\system32\addas32.exe
call %commande% %windir%\system32\addbh.exe
call %commande% %windir%\system32\addbk.exe
call %commande% %windir%\system32\adddf.exe
call %commande% %windir%\system32\addhg.exe
call %commande% %windir%\system32\addps.exe
call %commande% %windir%\system32\addqf.exe
call %commande% %windir%\system32\addqr.exe
call %commande% %windir%\system32\addrh.exe
call %commande% %windir%\system32\addun32.exe
call %commande% %windir%\system32\addwa.exe
call %commande% %windir%\system32\addxq32.exe
call %commande% %windir%\system32\addyc.exe
call %commande% %windir%\system32\adirss.exe
call %commande% %windir%\system32\agetltyes.exe
call %commande% %windir%\system32\apiae.exe
call %commande% %windir%\system32\apiey32.exe
call %commande% %windir%\system32\apigu32.exe
call %commande% %windir%\system32\apiin32.exe
call %commande% %windir%\system32\apila.exe
call %commande% %windir%\system32\apilt32.exe
call %commande% %windir%\system32\apioh.exe
call %commande% %windir%\system32\apiot32.exe
call %commande% %windir%\system32\apipc.exe
call %commande% %windir%\system32\apira.exe
call %commande% %windir%\system32\apivh.exe
call %commande% %windir%\system32\apiwi32.exe
call %commande% %windir%\system32\appaz.exe
call %commande% %windir%\system32\appbe.exe
call %commande% %windir%\system32\appdq.exe
call %commande% %windir%\system32\appku.exe
call %commande% %windir%\system32\apply.exe
call %commande% %windir%\system32\appqq32.exe
call %commande% %windir%\system32\appqx32.exe
call %commande% %windir%\system32\appsb32.exe
call %commande% %windir%\system32\appsc.exe
call %commande% %windir%\system32\appsu32.exe
call %commande% %windir%\system32\appwx.exe
call %commande% %windir%\system32\appzc32.exe
call %commande% %windir%\system32\atividx.exe
call %commande% %windir%\system32\atmtd.dll._
call %commande% %windir%\system32\atlad32.exe
call %commande% %windir%\system32\atlcg32.exe
call %commande% %windir%\system32\atldq32.exe
call %commande% %windir%\system32\atleq32.exe
call %commande% %windir%\system32\atlgh32.exe
call %commande% %windir%\system32\atlgl.exe
call %commande% %windir%\system32\atljo32.exe
call %commande% %windir%\system32\atlkv32.exe
call %commande% %windir%\system32\atlmb32.exe
call %commande% %windir%\system32\atlom32.exe
call %commande% %windir%\system32\atlru.exe
call %commande% %windir%\system32\atlsj32.exe
call %commande% %windir%\system32\atlsl32.exe
call %commande% %windir%\system32\atlto.exe
call %commande% %windir%\system32\atlur.exe
call %commande% %windir%\system32\atlwi.exe
call %commande% %windir%\system32\atlyf32.exe
call %commande% %windir%\system32\atlyv.exe
call %commande% %windir%\system32\atmtmgr.exe
call %commande% %windir%\system32\autorun.bat
call %commande% %windir%\system32\autorun.vbs
call %commande% %windir%\system32\audngine.exe
call %commande% %windir%\system32\b.exe
call %commande% %windir%\system32\config\drpep.exe
call %commande% %windir%\system32\config\sys\services.exe
call %commande% %windir%\system32\config.exe
call %commande% %windir%\system32\crai.exe
call %commande% %windir%\system32\crar32.exe
call %commande% %windir%\system32\crbs32.exe
call %commande% %windir%\system32\crcl.exe
call %commande% %windir%\system32\crcq32.exe
call %commande% %windir%\system32\criq32.exe
call %commande% %windir%\system32\crjn32.exe
call %commande% %windir%\system32\crjx.exe
call %commande% %windir%\system32\crmh.exe
call %commande% %windir%\system32\crtc32.exe
call %commande% %windir%\system32\crui32.exe
call %commande4% %windir%\system32\ctpmon.exe
call %commande% %windir%\system32\d3bg.exe
call %commande% %windir%\system32\d3br32.exe
call %commande% %windir%\system32\d3bx.exe
call %commande% %windir%\system32\d3bx.exe
call %commande% %windir%\system32\d3ce32.exe
call %commande% %windir%\system32\d3cn32.exe
call %commande% %windir%\system32\d3fj.exe
call %commande% %windir%\system32\d3ju.exe
call %commande% %windir%\system32\d3kh.exe
call %commande% %windir%\system32\d3lr32.exe <
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ok laisse tomber clean fais ça :
élécharge VundoFix à cette adresse: http://www.atribune.org/ccount/click.php?id=4
* Double-clique sur VundoFix.exe
* Clique sur le bouton Scan for Vundo
* Si le programme te demande de supprimer des fichiers, dis oui
* Lorsque le programme a fini de scanner ton pc, il doit être éteint, redémarre le.
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt
élécharge VundoFix à cette adresse: http://www.atribune.org/ccount/click.php?id=4
* Double-clique sur VundoFix.exe
* Clique sur le bouton Scan for Vundo
* Si le programme te demande de supprimer des fichiers, dis oui
* Lorsque le programme a fini de scanner ton pc, il doit être éteint, redémarre le.
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:25:18, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\joaquim\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: {c7ec42a7-b9ab-57d8-8d74-9f88338180f2} - {2f081833-88f9-47d8-8d75-ba9b7a24ce7c} - C:\WINDOWS\system32\honaecmf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [Itch ford four knob] C:\Documents and Settings\All Users\Application Data\third lies itch ford\ping mfcd.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [78081d24] rundll32.exe "C:\WINDOWS\system32\pjxtgjcn.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?36be510189fe4ef5a318dcddfd3a9b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?36be510189fe4ef5a318dcddfd3a9b0
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
Scan saved at 23:25:18, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\joaquim\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: {c7ec42a7-b9ab-57d8-8d74-9f88338180f2} - {2f081833-88f9-47d8-8d75-ba9b7a24ce7c} - C:\WINDOWS\system32\honaecmf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [Itch ford four knob] C:\Documents and Settings\All Users\Application Data\third lies itch ford\ping mfcd.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [78081d24] rundll32.exe "C:\WINDOWS\system32\pjxtgjcn.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?36be510189fe4ef5a318dcddfd3a9b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?36be510189fe4ef5a318dcddfd3a9b0
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
supprime ces lignes :
O2 - BHO: {c7ec42a7-b9ab-57d8-8d74-9f88338180f2} - {2f081833-88f9-47d8-8d75-ba9b7a24ce7c} - C:\WINDOWS\system32\honaecmf.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Itch ford four knob] C:\Documents and Settings\All Users\Application Data\third lies itch ford\ping mfcd.exe
O4 - HKLM\..\Run: [78081d24] rundll32.exe "C:\WINDOWS\system32\pjxtgjcn.dll",b
pour les supprimer tu les coches ensuite tu clic sur fix checked
apres fais ça :
Démarrer > executer > ' services.msc ' ,
- Clic droit sur le service cité - Boonty games
- propriétés
- et dans "type de démarrage" et mets le sur « désactivé ».
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »
Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html
2) Supprime le dossier :
Va dans "C:\program files\fichiers communs\" trouve & supprime le dossier " boonty shared "
apres cette manipulation refais un scan hijackthis et poste le nouveau rapport
O2 - BHO: {c7ec42a7-b9ab-57d8-8d74-9f88338180f2} - {2f081833-88f9-47d8-8d75-ba9b7a24ce7c} - C:\WINDOWS\system32\honaecmf.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Itch ford four knob] C:\Documents and Settings\All Users\Application Data\third lies itch ford\ping mfcd.exe
O4 - HKLM\..\Run: [78081d24] rundll32.exe "C:\WINDOWS\system32\pjxtgjcn.dll",b
pour les supprimer tu les coches ensuite tu clic sur fix checked
apres fais ça :
Démarrer > executer > ' services.msc ' ,
- Clic droit sur le service cité - Boonty games
- propriétés
- et dans "type de démarrage" et mets le sur « désactivé ».
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »
Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html
2) Supprime le dossier :
Va dans "C:\program files\fichiers communs\" trouve & supprime le dossier " boonty shared "
apres cette manipulation refais un scan hijackthis et poste le nouveau rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:48:51, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\joaquim\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?36be510189fe4ef5a318dcddfd3a9b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?36be510189fe4ef5a318dcddfd3a9b0
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
Scan saved at 23:48:51, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\joaquim\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?36be510189fe4ef5a318dcddfd3a9b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?36be510189fe4ef5a318dcddfd3a9b0
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
Maintenant , nous allons supprimer les logiciels de désinfection que je t'ai fait téléchargé.
En effet , s'en servir est dangereux pour le pc si l'on ne s'y connais pas.
De plus ils sont mis régulièrement à jours.
? Ferme toutes les applications en cours, puis télécharge ToolsCleaner2 sur ton Bureau.
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
? Double clique sur ToolsCleaner2.exe >
? Clique sur .Recherche
? puis sur Suppression quand la liste est trouvée.
? Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note : ton bureau RISQUE de disparaître, c'est normal. S'il n'apparaît pas à la fin du scan, fais la manip suivante :
CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"
Tape explorer.exe et valide. Cela fera re-apparaître le Bureau
Tuto : https://www.commentcamarche.net/list 8341 toolscleaner suppression des fix de force brute ( merci espion3004 )
En effet , s'en servir est dangereux pour le pc si l'on ne s'y connais pas.
De plus ils sont mis régulièrement à jours.
? Ferme toutes les applications en cours, puis télécharge ToolsCleaner2 sur ton Bureau.
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
? Double clique sur ToolsCleaner2.exe >
? Clique sur .Recherche
? puis sur Suppression quand la liste est trouvée.
? Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note : ton bureau RISQUE de disparaître, c'est normal. S'il n'apparaît pas à la fin du scan, fais la manip suivante :
CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"
Tape explorer.exe et valide. Cela fera re-apparaître le Bureau
Tuto : https://www.commentcamarche.net/list 8341 toolscleaner suppression des fix de force brute ( merci espion3004 )
Bonjour,
je ne connais pas grand chose j ai mon pcqui rame beaucoup et quand j' ouvre une page elle se fige et je suis obligé d'éteindre mon pc trop de temps pour ecrire cette phrase car mon pc bloque merci de m'aider ca fait des jours que je galére merci
ok comment va l ordi ????
je ne connais pas grand chose j ai mon pcqui rame beaucoup et quand j' ouvre une page elle se fige et je suis obligé d'éteindre mon pc trop de temps pour ecrire cette phrase car mon pc bloque merci de m'aider ca fait des jours que je galére merci
ok comment va l ordi ????
