|
 Posté le 10/08/2009 @ 22:28 |
Petit astucien
| Bonsoir,
Quand je veux lancer certains logiciels (Malwarebytes'Anti-malware, AdslTV, DocteurWeb...), il sort le message mis en titre...
Et je ne peux les re-exécuter...
Virus ?
Merci...
|
|
|
|
|
|
Posté le 11/08/2009 à 00:33 |
Nouvel astucien
| |
|
Posté le 11/08/2009 à 09:00 |
Petit astucien
| Bonjour Fredericx,
Voici le scan demandé:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:53:12, on 11/08/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Common Files\aol\1244056855\ee\aolsoftware.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Power Soft\Freebie Notes\FreebieNotes.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\SFR\Kit\9props.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\SFR\Media Center\MediaCenter.exe
C:\Program Files\eMule\emule.exe
C:\Users\Jjanloup\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\explorer.exe
C:\Program Files\ZGuideTVDotNet\ZGuideTVDotNet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Karcher +\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1244056855\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Cobian Backup 9 interface] "C:\Program Files\Cobian Backup 9\cbInterface.exe" -service
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Freebie Notes] "C:\Program Files\Power Soft\Freebie Notes\FreebieNotes.exe"
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Arovax Shield] C:\Program Files\Arovax Shield\ArovaxShield.exe -tray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [eFax 4.4] "C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe" /R
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VR\AOL.EXE" -b
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Pense-bête.lnk = C:\Windows\System32\StikyNot.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Luis Cobian - C:\Program Files\Cobian Backup 9\cbService.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Desktop Manager 5.8.811.4345 (GoogleDesktopManager-110408-113106) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9e4eafabd6ec5) (gupdate1c9e4eafabd6ec5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 13203 bytes
J'avais déjà le logiciel HijackThis installé sur l'ordi, j'ai donc effectué directement le scan; j'espère que la manoeuvre est correcte...
A bientôt...
Jjanloup |
|
Posté le 11/08/2009 à 12:39 |
Nouvel astucien
| |
|
Posté le 11/08/2009 à 19:20 |
Petit astucien
| Bonsoir,
Il semble y avoir des problèmes:
Tout d'abord, j'ai dû m'y prendre à plusieurs reprises pour exécuter ComboFix qui perséverait à dire qu'Avast était toujours actif...
Quand il a enfin commencé le scan, l'ordi s'est trouvé déconnecté et le bureau a disparu...
L'ordi étant un ACER, j'ai pu me reconnecter sans avoir à le couper en force grâce à Acer eNet Management, et le Gadget PC astuces qui était resté apparent me permet de faire la présente réponse.
Je vais tâcher d'éteindre l'ordi en force afin de pouvoir me reconnecter en espérant récupérer bureau et barre de tâches.
Dois-je réessayer la manoeuvre avec Combo ou vaut-il mieux tenter une autre procédure ?
Merci, à bientôt...
Jjanloup. |
|
Posté le 11/08/2009 à 21:04 |
Nouvel astucien
| |
|
Posté le 12/08/2009 à 09:04 |
Petit astucien
| Bonjour,
Décidément, les dieux sont contre moi:
A chaque tentative d'enregistrement d'Avira une fenêtre s'ouvre avec l'avertissement suivant:
<<C:\Windows\system32\DATA(D:)\TEMP
ne pourra être enregistré car une erreur inconnue est survenue
Essayez d'enregistrer le fichier ailleurs>>
Je suis peut-être à l'origine de ce problème car, il y a 2 ou 3 jours, en suivant une astuce concernant Vista de PC Astuces,
j'ai changé le chemin du dossier TEMP et l'ai placé en D alors qu'il était en C ...
J'ai dû faire une mauvaise manipulation mais l'apprenti sorcier que je suis n'est pas capable d'y remédier...
Y-a-t'il un moyen de rattraper cela ?
Merci...
Jjanloup.
|
|
Posté le 12/08/2009 à 09:09 |
Petit astucien
| Deuxième message ...
J'ai trouvé ce bloc-notes sur le bureau juste après mon message de 9H04...
Je le fais suivre pour le cas où il y aurait une quelconque relation avec le problème...
;--------------------------------------------
; Anti-Virus application detection INI file
;--------------------------------------------
;
;Sample section entry:
;[<Product Name>]
;VendorName=<Vendor Name>
;Regkey1=<Key Entry>
;Process1=<Executable File Name>
;DataFilePath=<The path to virus data definition file>
;ScanFilePath=<The path to some scan result file>
;AOLProduct=0
;
;
; Last Update: 10/11/2005
[AOL SSC Antivirus]
VendorName=AOL
ProductName=AOL Antivirus
;Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\McAfee\VirusScan\InstallSettings
Regkey1=HKEY_LOCAL_MACHINE:Software\America Online\Safety and Security\Components\Antivirus
Process1=mcshield.exe
AOLProduct=1
; *******************************
; ****** McAfee Software ******
; *******************************
;pass
[McAfee VirusScan v10.0]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusScan Online
Process1=mcvsshld.exe
DataFilePath=Program Files\McAfee.com\VSO\Dat\4541\scan.dat
;pass
[McAfee VirusScan v9.0 Pro / v8.0.44]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusScan Online
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\McAfee.com\VirusScan Online" SourceDisk aol. notin
Process1=mcvsshld.exe
DataFilePath=Program Files\McAfee.com\VSO\scan.dat
[McAfee VirusScan v9.0Pro/v8.0.44 NotPresent Case]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusScan Online
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\McAfee.com\VirusScan Online" SourceDisk aol. notpresent
Process1=mcvsshld.exe
DataFilePath=Program Files\McAfee.com\VSO\scan.dat
[AOL CLient Installed v8.0.44]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusScan Online
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\McAfee.com\VirusScan Online" SourceDisk aol. in
Process1=mcvsshld.exe
DataFilePath=Program Files\McAfee.com\VSO\scan.dat
AOLProduct=1
;pass
[McAfee VirusScan Enterprise v8.0]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5DF3D1BB-894E-4DCD-8275-159AC9829B43}
Process1=VsTskMgr.exe
DataFilePath=Program Files\Common Files\Network Associates\Engine\scan.dat
;pass
[McAfee VirusScan Enterprise v7.1]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59224777-298D-4E9C-9AEB-4A91BDA01B27}
Process1=VsTskMgr.exe
DataFilePath=Program Files\Common Files\Network Associates\Engine\scan.dat
;pass
[McAfee VirusScan Enterprise v7.01]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E4DC62CE-5F95-11D6-B254-00C04FF4B435}
Process1=avconsol.exe
DataFilePath=Program Files\Common Files\Network Associates\VirusScan Engine\4.0.xx\scan.dat
;pass
[McAfee VirusScan Enterprise v7.00]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1912F734-6580-4620-8AFD-ECCCEA19CDE2}
Process1=VsTskMgr.exe
DataFilePath=Program Files\Common Files\Network Associates\Engine\scan.dat
; <pending 9x detection compatibility>
[McAfee VirusScan v5.15 and v4.5.0]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{63CB7620-B423-4BF1-A7E4-75BB8B64740E}
Process1=avconsol.exe
DataFilePath=Program Files\Common Files\Network Associates\VirusScan Engine\4.0.xx\scan.dat
; <pending 9x detection compatibility>
[McAfee VirusScan v5.0]
VendorName=McAfee
ProductName=McAfee VirusScan
RegKey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E17F984-880D-11D3-82CA-00C04F656306}
Process1=avconsol.exe
DataFilePath=Program Files\McAfee\McAfee VirusScan\scan.dat
;pass
[McAfee VirusScan v4.5.1 / v4.5.1 SP1 / v6.01]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{87AEFD84-BC0D-11D4-B885-00508B022A51}
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Network Associates\ePolicy Orchestrator\Application Plugins\VIRUSCAN6500
Process1=avconsol.exe
DataFilePath=Program Files\Common Files\Network Associates\VirusScan Engine\4.0.xx\scan.dat
;pass
[McAfee VirusScan v4.0.3a NetShield NT]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Network Associates\Dr Solomon's NetShield NT\4.0.3a
Process1=VsTskMgr.exe
DataFilePath=Program Files\Network Associates\Dr Solomon's NetShield NT\scan.dat
;pass
[McAfee VirusScan v4.0.3a v4.1.0 VScan NT]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Network Associates\Dr Solomon's VirusScan NT\4.0.3a
Process1=VsTskMgr.exe
DataFilePath=Program Files\Network Associates\Dr Solomon's VirusScan NT\scan.dat
; <pending 9x detection compatibility>
[McAfee VirusScan v4.0.3]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\Dr Solomon's VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\McAfee\Scan95
Process1=avconsol.exe
DataFilePath=Program Files\Network Associates\Dr Solomon's VirusScan\Scan.dat
;pass
[McAfee VirusScan NetShield v4.0.2]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Network Associates\NetShield NT\4.0.2
Process1=avconsol.exe
DataFilePath=Program Files\Network Associates\Netshield NT\scan.dat
; <pending 9x detection compatibility>
[McAfee VirusScan v4.0.2]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\Network Associates\McAfee VirusScan\4.0.2
Process1=avconsol.exe
DataFilePath=Program Files\Network Associates\McAfee VirusScan\scan.dat
; <pending 9x detection compatibility>
[McAfee Dr. Solomon's VirusShield v4.0.1]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\Dr Solomon's VirusScan
Process1=avconsol.exe
DataFilePath=Program Files\Network Associates\Dr Solomon's VirusScan\scan.dat
; <pending 9x detection compatibility>
[McAfee VirusScan v4.0.1]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\Network Associates\McAfee VirusScan\4.0.1
Process1=avconsol.exe
DataFilePath=Program Files\Network Associates\McAfee VirusScan\scan.dat
; <pending 9x detection compatibility>
[McAfee VirusScan v4.0.0]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee VirusScan
Regkey2=HKEY_LOCAL_MACHINE:Software\Network Associates\McAfee VirusScan\Exchange Scan\CurrentVersion
Regkey3=HKEY_LOCAL_MACHINE:Software\Network Associates\McAfee VirusScan
Process1=avconsol.exe
DataFilePath=Program Files\Network Associates\McAfee VirusScan\scan.dat
;pass
[McAfee VirusScan NT v3.2.0]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Network Associates\VirusScan NT\3.2.0
Process1=AMGRSRVC.EXE
DataFilePath=Program Files\McAfee\VirusScan NT\scan.dat
; <pending 9x detection compatibility>
[McAfee VirusScan v3.2.0]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\Network Associates\McAfee VirusScan\3.2.0
Process1=avconsol.exe
DataFilePath=Program Files\Network Associates\McAfee VirusScan\scan.dat
; <pending 9x detection compatibility>
[McAfee VirusScan v3.1.6]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\McAfee VirusScan
Regkey2=HKEY_LOCAL_MACHINE:Software\McAfee\Scan95
Process1=avconsol.exe
DataFilePath=Program Files\Network Associates\McAfee VirusScan\scan.dat
;pass
[McAfee VirusScan NT v3.1.4]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\McAfee\VirusScan NT\3.1.4
Process1=AMGRSRVC.EXE
DataFilePath=Program Files\McAfee\VirusScan NT\scan.dat
; [retest, not detecting with the following criteria]
[McAfee VirusScan NT v3.0.2]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\McAfee\VirusScan NT\3.0.2
Process1=AMGRSRVC.EXE
DataFilePath=Program Files\McAfee\VirusScan NT\scan.dat
; <pending 9x detection compatibility>
[McAfee Internet GuardDog v3.01]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{99F690A2-158D-11D1-A116-444553540000}
Process1=avconsol.exe
DataFilePath=Program Files\McAfee\Internet Guard Dog
; <pending 9x detection compatibility>
[McAfee Internet GuardDog v2.0.5]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\McAfee\Guard Dog\2.0
Process1=guarddog.exe
DataFilePath=Program Files\McAfee\Guard Dog\scan.dat
; <pending 9x detection compatibility>
[McAfee Dr. Solomon's Antivirus v8.5.0]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{63CB7620-B423-4BF1-A7E4-75BB8B64740E}
Process1=avconsol.exe
DataFilePath=Program Files\Common Files\Network Associates\VirusScan Engine\4.0.xx\scan.dat
; <pending 9x detection compatibility>
[McAfee VirusScan TC]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:Software\Network Associates\TVD\VirusScan TC
Process1=Vsstat.exe
DataFilePath=Program Files\Common Files\McAfee\VirusScan Engine\4.0.xx\scan.dat
; *********************************
; ****** Symantec Software ******
; *********************************
; 09-26-06
[Norton Internet Security (AntiVirus) 2006]
VendorName=Symantec Corporation
ProductName=Norton Internet Security 2006
RegKey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12E2B9E9-05B1-407d-B0FD-B5F350535125}
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6F5B6CF-609C-428E-876F-CA83176C021B}" DisplayName "Norton AntiVirus 2006" equal
Process1=navapsvc.exe
DataFilePath=Program Files\Norton Internet Security\Norton AntiVirus\savrt.dat
;pass
[Norton Internet Security (AntiVirus) 2005]
VendorName=Symantec Corporation
ProductName=Norton Internet Security
RegKey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12E2B9E9-05B1-407d-B0FD-B5F350535125}
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6F5B6CF-609C-428E-876F-CA83176C021B}" DisplayName "Norton AntiVirus 2005" equal
Process1=navapsvc.exe
DataFilePath=Program Files\Norton Internet Security\Norton AntiVirus\savrt.dat
;pass
[Norton Internet Security (AntiVirus) 2004]
VendorName=Symantec Corporation
ProductName=Norton Internet Security
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6F5B6CF-609C-428E-876F-CA83176C021B}
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6F5B6CF-609C-428E-876F-CA83176C021B}" DisplayName "Norton AntiVirus 2005" noteq
RegValStrVal2="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6F5B6CF-609C-428E-876F-CA83176C021B}" DisplayName "Norton AntiVirus 2006" noteq
Process1=navapsvc.exe
DataFilePath=Program Files\Norton AntiVirus\savrt.dat
;pass
[Norton Internet Security (AntiVirus) 2003]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AFD2C5B5-BF78-47B6-9569-755448C0D0EE}
Process1=navapsvc.exe
DataFilePath=Program Files\Norton AntiVirus\savrt.dat
[Norton Internet Security (AntiVirus) 2001]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{C02388E1-C0E3-462E-BDC8-7E1D56D8AC4D}
Process1=navapw32.exe
DataFilePath=Program Files\Norton AntiVirus\Navdef.dat
; 09-26-06
[Norton AntiVirus 2006]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus 2006
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6F5B6CF-609C-428E-876F-CA83176C021B}
RegKey2=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6F5B6CF-609C-428E-876F-CA83176C021B}" DisplayName "Norton AntiVirus 2006" equal
Process1=navapsvc.exe
DataFilePath=Program Files\Norton AntiVirus\savrt.dat
; 09-26-06
[Norton AntiVirus 2005]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus 2005
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6F5B6CF-609C-428E-876F-CA83176C021B}
RegKey2=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C6F5B6CF-609C-428E-876F-CA83176C021B}" DisplayName "Norton AntiVirus 2005" equal
Process1=navapsvc.exe
DataFilePath=Program Files\Norton AntiVirus\savrt.dat
;pass
[Norton AntiVirus 2003]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{47D5D869-FE57-4F2F-A358-83CFAA7B4968}
Process1=navapsvc.exe
DataFilePath=Program Files\Norton AntiVirus\FILTER.DAT
;pass
[Norton AntiVirus 2002]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3075C5C3-0807-4924-AF8F-FF27052C12AE}
Process1=navapsvc.exe
DataFilePath=Program Files\Norton AntiVirus\FILTER.DAT
; <pending 9x detection compatibility>
[Norton AntiVirus 2001 7.00 9x/ME]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Norton AntiVirus
Process1=navapw32.exe
DataFilePath=Program Files\Common Files\Symantec Shared\VirusDefs\20000713.068\virscan1.dat
;pass
[Norton AntiVirus 2001 7.00 NT]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Norton AntiVirus
Process1=navapsvc.exe
DataFilePath=Program Files\Common Files\Symantec Shared\VirusDefs\20000713.068\virscan1.dat
;pass
[Symantec AntiVirus Corp 10.0]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5A633ED0-E5D7-4D65-AB8D-53ED43510284}
Process1=DefWatch.exe
DataFilePath=Program Files\Symantec AntiVirus\savrt.dat
;pass
[Symantec AntiVirus Corp 9.0]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{848AC794-8B81-440A-81AE-6474337DB527}
Process1=DefWatch.exe
DataFilePath=Program Files\Symantec AntiVirus\savrt.dat
;pass
[Norton AntiVirus 8.1]
VendorName=Symantec Corporation
ProductName=Norton AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E}
Process1=DefWatch.exe
DataFilePath=Program Files\Symantec_Client_Security\Symantec AntiVirus\FILTER.DAT
; *************************************
; ****** Trend Micro PC-Cillin ******
; *************************************
;pass
[PC-cillin InternetSecurity 2006]
VendorName=Trend Micro, Inc.
ProductName=Trend Micro PC-cillin Internet Security 2006
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8C73AA-3D75-44C9-87A2-8E945FC5FEE6}
Process1=pccguide.exe
DataFilePath=Program Files\Trend Micro\Internet Security 2006\lpt$vpn.939
;pass
[PC-cillin 2005]
VendorName=Trend Micro, Inc.
ProductName=Trend Micro PC-cillin Internet Security
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7698EDA5-A90F-4205-99CB-8FF6F9048ED9}
Process1=pccguide.exe
DataFilePath=Program Files\Trend Micro\Internet Security 2005\lpt$vpn.184
;pass
[PC-cillin 2003]
VendorName=Trend Micro Incorporated
ProductName=PC-Cillin AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA7FDA46-DFA8-4748-8F2E-8864E545735B}
Process1=pccguide.exe
DataFilePath=Program Files\Trend Micro\PC-cillin 2003\lpt$vpn.365
;pass
[Trend PC-cillin 2002]
VendorName=Trend Micro Incorporated
ProductName=PC-Cillin AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C90F3E44-3BF6-11D4-A110-00500405613A}
Process1=PCCClient.exe
DataFilePath=Program Files\Trend Micro\PC-cillin 2002\lpt$vpn.222
;pass
[Trend PC-cillin v11]
VendorName=Trend Micro Incorporated
ProductName=PC-Cillin AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3943C4CF-AC42-4E00-8824-25159B8478F1}
Process1=PCCClient.exe
DataFilePath=Program Files\Trend Micro\Internet Security\lpt$vpn.686
; ****** AnyWare AV ******
;pass
[AnyWare AV v3.0]
VendorName=AnyWare
ProductName=AnyWare AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anyware Antivirus for Windows NT
Process1=aawinnt.exe
DataFilePath=ANYWARE\ANYWARE.SIG
; ****** AVAST ******
;pass
[AVAST 4.0 / 4.5]
VendorName=AVAST
ProductName=AVAST AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\avast!
Process1=ashserv.exe
DataFilePath=Program Files\Alwil Software\Avast4\DATA\400.vps
; ****** AVG ******
;pass
[AVG 7.0]
VendorName=AVG
ProductName=AVG AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
Process1=aswUpdSv.exe
DataFilePath=Program Files\Grisoft\AVG Free\avgwb.dat
; ****** e-Trust AV ******
;pass
[e-Trust AV 7.x]
VendorName=Computer Associates
ProductName=eTrust EZ Antivirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VETWIN32Vp5
Process1=CAVTray.exe
DataFilePath=Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\Vet.dat
; ****** e-Trust AV ******
;pass
[e-Trust AV 6.x]
VendorName=Computer Associates International, Inc.
ProductName=eTrust AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VETWIN32Vp5
Process1=VetTray.exe
DataFilePath=Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\Vet.dat
; ****** F-Secure ******
[F-Secure 6.00]
VendorName=F-Secure
ProductName=F-Secure AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus" DisplayName "F-Secure Anti-Virus Client Security - Virus & Spy Protection" equal
Process1=FSAV32.exe
DataFilePath=Program Files\F-Secure\Anti-Virus\daily.avc
;pass
[F-Secure 5.40]
VendorName=F-Secure
ProductName=F-Secure AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SYSTEM\ControlSet001\Services\FSAA
Process1=fsm32.exe
DataFilePath=Program Files\F-Secure Internet Security\Anti-Virus\sign.def
; ****** Kaspersky AV ******\
; <pending 9x detection compatibility>
[Kaspersky 4.5.0]
VendorName=Kaspersky Lab
ProductName=Kaspersky AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{7F5E2A5A-92C5-4DF1-808D-1688C50CBFEE}
Process1=avpcc.exe
DataFilePath=Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\klsfdbM.dat
; ****** Panda AV Titanium ******
; <pending 9x detection compatibility>
[Panda 2.01]
VendorName=Panda Software, Inc.
ProductName=Panda AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{B8F321A0-8969-11D4-908A-00C0DF242902}
Process1=Pavproxy.exe
DataFilePath=Program Files\Panda Software\Panda Antivirus Titanium\pav.sig
; Added on 05-11-2006
[Panda Titanium AV 2005]
VendorName=Panda Software
ProductName=Panda Titanium Antivirus 2005
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{BB85F18B-43C6-48B5-ABA9-6A5DDA65AA1B}
Process1=AVLTMAIN.EXE
DataFilePath=Program Files\Panda Software\Panda Titanium Antivirus 2005\Data
; ****** Panda AV Platinum ******
;pass
[Panda 7.0]
VendorName=Panda Software, Inc.
ProductName=Panda AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E91563B4-D9EC-11D5-A2BB-00606771B69D}
Process1=Pavsrv51.exe
;DataFilePath=Program Files\Panda Software\Panda Antivirus Platinum\pav.sig
; ****** Panda AV Platinum ******
;pass
[Panda 8.0]
VendorName=Panda Software, Inc.
ProductName=Panda AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E91563B4-D9EC-11D5-A2BB-00606771B69D}
Process1=Pavsrv51.exe
DataFilePath=Program Files\Panda Software\Panda Platinum Internet Security\pav.sig
; ****** ZoneAlarm Antivirus ******
;pass
[ZoneAlarm 5.x / 6.x]
VendorName=Zone Labs, Inc.
ProductName=ZoneAlarm Security Suite Antivirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Security Suite
Process1=zlclient.exe
DataFilePath=WINDOWS\SYSTEM32\ZoneLabs\vet.dat
; <--** added 05-25-06 <<<<
[ZoneAlarm AV/FW 5.x / 6.x]
VendorName=Zone Labs, Inc.
ProductName=ZoneAlarm Anti-virus Antivirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Anti-virus
Process1=zlclient.exe
DataFilePath=WINDOWS\SYSTEM32\ZoneLabs\vet.dat
; ****** G Data ******
;
[G Data Internet Security]
VendorName=G Data
ProductName=G Data Antivirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{044EB318-D3B0-498D-86F4-1EC1C93BCE88}
Process1=AVKService.exe
DataFilePath=Program Files\G DATA AVK InternetSecurity prsentiert von AOL\AVK\avkrkey.dat
; de 4-26-06
[G Data Internet Security 2006]
VendorName=G Data
ProductName=G Data Antivirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9128E393-0013-4B04-BD72-73287A25B28C}
Process1=AVKService.exe
DataFilePath=Program Files\G DATA InternetSecurity praesentiert von AOL\AVK\avkrkey.dat
; 02-22-06
[G Data 2005 AntiVirusKit prof]
VendorName=G DATA
ProductName=G DATA AntiVirenKit 2005
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{31E9AC0D-24C4-4A6D-81D7-290263E3C131}
Process1=avk.exe
DataFilePath=Program Files\AntiVirusKit 2005\avkrkey.dat
; 02-22-06
[G Data 2006 AntiVirusKit]
VendorName=G DATA
ProductName=G DATA AntiVirenKit 2006
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B9D1079B-9BB3-4826-92B1-D50B1F25C838}
Process1=avk.exe
DataFilePath=Program Files\AntiVirusKit 2006\avkrkey.dat
; ****** ClamWin ******
;
[ClamWin AntiVirus]
VendorName=alch
ProductName=ClamWin Antivirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClamWin Free Antivirus_is1
Process1=ClamWin.exe
; ****** MS OneCare ******
;
[MS OneCare Antivirus]
VendorName=Microsoft Corporation
ProductName=Windows Live OneCare Antivirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12D3AF08-DDCB-48C9-A8C4-DBF28F0419EB}
Process1=MSMPSVC.exe
DataFilePath=Program Files\Microsoft Windows OneCare Live\AntivirusData\DataDirectory\mpdef.vdm
; ****** AntiVir ******
;
[AntiVir PE 6.32.00.51/6.x]
VendorName=H+BEDV Datentechnik GmbH
ProductName=AntiVir PE AntiVirus
RegKey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir/XP
Process1=AVWIN.EXE
DataFilePath=Program Files\AVPersonal\ANTIVIR3.VDF
; ****** NOD32 ******
;
[NOD32 2.5 for NT/2000/XP]
VendorName=ESET
ProductName=NOD32 AntiVirus
RegKey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NOD32
Process1=nod32.exe
DataFilePath=Program Files\ESET\nod32.006
; ****** German e-Trust AV ******
;
[German e-Trust AV 7.1.194]
VendorName=Computer Associates International, Inc.
ProductName=eTrust AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CC55BD24-C1A6-4397-8EA3-2F30E74BDA2B}
Process1=InoRpc.exe
Process2=InoRT.exe
Process3=InoTask.exe
DataFilePath=Programme\CA\SharedComponents\ScanEngine\Vet.DAT
; ****** PC Tools AV ******
[PC Tools AV 2.0]
VendorName=PC Tools Software
ProductName=PC Tools AntiVirus
RegKey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Tools AntiVirus_is1
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Tools AntiVirus_is1" DisplayName "PC Tools AntiVirus 2.1" noteq
Process1=PCTAV.exe
DataFilePath=Program Files\PC Tools AntiVirus\Bases
; 09-21-06 (also made above conditional)
[PC Tools AV2.1.0.55]
VendorName=PC Tools Research Pty Ltd
ProductName=PC Tools AntiVirus 2.1.0.55
RegKey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Tools AntiVirus_is1
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Tools AntiVirus_is1" DisplayName "PC Tools AntiVirus 2.1" equal
Process1=PCTAV.exe
DataFilePath=Program Files\PC Tools AntiVirus\Bases
; ****** Filseclab Twister AV ******
[Twister AV 2005R2]
VendorName=Filseclab
ProductName=Twister AntiTrojanVirus 2005
VendorId=0
RegKey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FAED979E-6FE4-4032-8224-F53B4A0FDCD9}
Process1=Twister.exe
DataFilePath=Program Files\Filseclab\Twister\data1.dat
; ****** BitDefender ******
[BitDefender AV 8 Free Edition]
VendorName=SOFTWIN
ProductName=BitDefender Antivirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8BFFDBAB-FD81-4137-A98E-A769C828080C}
Process1=bdmcon.exe
; Added 05-15-2006
[BitDefender AV Prof. Plus 8]
VendorName=Softwin
ProductName=BitDefender Client Professional Plus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE23674E-E729-44F7-A212-D874D55483C0}
Process1=bdmcon.exe
DataFilePath=Program Files\Softwin\BitDefender8\asdict.dat
; Added 05-15-2006
[BitDefender AV 9 Prof. Plus]
VendorName=Softwin
ProductName=BitDefender 9 Professional Plus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F7F74EE-0EB4-4133-A9C4-C242C6EFD087}
Process1=bdmcon.exe
DataFilePath=Program Files\Softwin\BitDefender9\asdict.dat
[Kaspersky Personal AV5.0]
VendorName=Kaspersky Lab
ProductName=Kaspersky AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\Kaspersky Anti-Virus Personal
Process1=kavsvc.exe
DataFilePath=Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.dat
; 07-07-06
[Kaspersky AV 6.0]
VendorName=Kaspersky Lab
ProductName=Kaspersky Anti-Virus 6.0
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{75193929-9A52-4CA4-98DE-8C7296940920}
RegValStrVal1="HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{75193929-9A52-4CA4-98DE-8C7296940920}" DisplayName "Kaspersky Anti-Virus 6.0" equal
Process1=avp.exe
DataFilePath=Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Data\rollbackinfo.fl
; 07-14-06
[Kaspersky Internet Security 6.0]
VendorName=Kaspersky Lab
ProductName=Kaspersky Internet Security 6.0
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0DCD54F-C829-41A5-AF32-71E632BB0E2C}
RegValStrVal1="HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0DCD54F-C829-41A5-AF32-71E632BB0E2C}" DisplayName "Kaspersky Internet Security 6.0" equal
Process1=avp.exe
DataFilePath=Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Data\rollbackinfo.fl
; 07-07-06 mod 07-14-06
[AOL Active Virus Shield]
VendorName=AOL
ProductName=Active Virus Shield
Regkey1=HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{75193929-9A52-4CA4-98DE-8C7296940920}
RegValStrVal1="HKEY_LOCAL_MACHINE:Software\Microsoft\Windows\CurrentVersion\Uninstall\{75193929-9A52-4CA4-98DE-8C7296940920}" DisplayName "Active Virus Shield" equal
Process1=avp.exe
DataFilePath=Program Files\AOL\Active Virus Shield
AOLProduct=1
; de 3-28-2006
[BitDefender AV 7 Standard Edition]
VendorName=SOFTWIN
ProductName=BitDefender Antivirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{58DC60BD-5D53-45E9-A66F-F690B1D35533}
Process1=bdmcon.exe
[Norman Virus Control 5.7/5.81/5.x]
VendorName=Norman ASA
ProductName=Norman AntiVirus
RegKey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{74C8BF56-6618-49AA-98BA-862223900CBF}
;Process1=Nvcod.exe
DataFilePath=Norman\Nse\Bin\Nvcincr.def
; de 4-28-2006
[DATA BECKER Max AV 2005]
VendorName=DataBeckerAntivir
ProductName=DATA BECKER Maximum Protection Antivirus 2005
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{489453DA-1BBB-46B3-A803-D284A4502EA8}
Regkey2=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DATA BECKER Antivirus 2005
Process1=avw.exe
DataFilePath=Program Files\DATA BECKER\Antivirus 2005\AntiVirus\signature.dat
; de 4-28-2006
[DATA BECKER Max AV 2006]
VendorName=DATA BECKER
ProductName=DATA BECKER AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E4F5237A-B1A0-496C-B680-D98BB48F21E2}
Regkey2=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DATA BECKER Antivirus 2006
Process1=avw.exe
DataFilePath=Program Files\DATA BECKER\Antivirus 2006\AntiVirus\signature.dat
; *** F-Secure ***
; added 05-05-2006
[F-Secure AV 2004]
VendorName=F-Secure
ProductName=F-Secure AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BackWeb-4476822 Uninstaller" DisplayName "Anti-Virus 2004" in
Process1=FSAV32.exe
DataFilePath=Program Files\F-Secure Anti-Virus\Anti-Virus\fsmacro.def
; added 05-05-2006
[F-Secure AV 2005]
VendorName=F-Secure
ProductName=F-Secure AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BackWeb-4476822 Uninstaller" DisplayName "F-Secure Anti-Virus 2005" equal
Process1=FSAV32.exe
DataFilePath=Program Files\F-Secure Anti-Virus\Anti-Virus\fsmacro.def
; added 05-04-2006
[F-Secure IS 2004]
VendorName=F-Secure
ProductName=F-Secure AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BackWeb-4476822 Uninstaller" DisplayName "Security 2004" in
Process1=FSAV32.exe
DataFilePath=Program Files\F-Secure Internet Security\Anti-Virus\fsmacro.def
; added 05-03-2006
[F-Secure IS 2005]
VendorName=F-Secure
ProductName=F-Secure AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BackWeb-4476822 Uninstaller" DisplayName "F-Secure Internet Security 2005" equal
Process1=FSAV32.exe
DataFilePath=Program Files\F-Secure Internet Security\Anti-Virus\fsmacro.def
; added 05-04-2006
[F-Secure IS 2006]
VendorName=F-Secure
ProductName=F-Secure AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure Anti-Virus
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BackWeb-4476822 Uninstaller" DisplayName "2006" in
Process1=FSAV32.exe
DataFilePath=Program Files\F-Secure Internet Security\Anti-Virus\fsmacro.def
; added 05-12-06
; *** Sophos ***
[Sophos AV SBE]
VendorName=Sophos PLC
ProductName=Sophos AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sophos-SweepNT
Regkey2=HKEY_LOCAL_MACHINE:SOFTWARE\Sophos
Process1=WSWEEPNT.EXE
DataFilePath=Program Files\Sophos\Sophos Anti-Virus
; added 05-12-2006
; *** The Cleaner ***
[The Cleaner Prof. 4]
VendorName=MooSoft Development LLC
ProductName=The Cleaner AntiVirus
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{750C0D4F-E731-4104-9A51-A5E579CE3867}_is1
Process1=cleaner.exe
DataFilePath=Program Files\The Cleaner\cleaner4.cdb
; added 07-25-2006 for England
; *** AVIRA ***
[AVIRA Desktop Antivirus 1.x/1.00.00.80]
VendorName=AVIRA GmbH
ProductName=AVIRA Desktop
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\AVIRA GmbH\AVIRA Desktop
Process1=AVESVC.exe
DataFilePath=Program Files\AVIRA Desktop\UPDATE
; 08-30-06
[Laplink PCDefense 1.0.29.0]
VendorName=Laplink Software, Inc.
ProductName=Laplink PCDefense
RegKey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6AA6E1B-13D5-4793-A0DE-99EF0AD8E544}
RegKey2=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{F6AA6E1B-13D5-4793-A0DE-99EF0AD8E544}
Process1=PCDefense.exe
DataFilePath=Program Files\Laplink\PCdefense\database.db
; 09-21-06
[AntiVir PE Classic 7]
VendorName=Avira GmbH
ProductName=Avira AntiVir PersonalEdition Classic
RegKey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic
Process1=avguard.exe
DataFilePath=Program Files\AntiVir PersonalEdition Classic\antivir3.vdf
; 09-25-06
[BitDefender AV 9 Standard Edition]
VendorName=Softwin
ProductName=BitDefender 9 Standard
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{018A0E82-1E79-4EA4-BA31-A72CEC193F0F}
Process1=bdmcon.exe
DataFilePath=Program Files\Softwin\BitDefender9\Logs
; 09-27-06
[BitDefender AntiVirus v10]
VendorName=Softwin
ProductName=BitDefender Antivirus v10
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99E8DC90-F010-4352-8337-F97ECA347200}
Process1=bdmcon.exe
DataFilePath=Program Files\Softwin\BitDefender10\Logs
; 09-27-06
[BitDefender AntiVirus Plus v10]
VendorName=Softwin
ProductName=BitDefender Antivirus Plus v10
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{757BEF67-AF8C-4A2E-B5C4-FDF3C3595509}
Process1=bdmcon.exe
DataFilePath=Program Files\Softwin\BitDefender10\Logs
; 09-28-06
[McAfee VirusScan as SecurityCenter]
VendorName=McAfee
ProductName=McAfee VirusScan
Regkey1=HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSC
RegValStrVal1="HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSC" DisplayName "McAfee SecurityCenter" equal
Process1=mcods.exe
DataFilePath=Program Files\McAfee\VirusScan\DAT |
|
Posté le 12/08/2009 à 11:54 |
Nouvel astucien
| Jjanloup a écrit :
> j'ai changé le chemin du dossier TEMP et l'ai placé en D alors qu'il était en C ...
> Fais la manip' inverse...
Télécharge RSIT (merci random/random) sur le Bureau : http://images.malwareremoval.com/random/RSIT.exe
Double-clique sur RSIT.exe, il ne nécessite pas d' installation.
Clique Continue à l' écran Disclaimer si tu acceptes les conditions.
-Si HijackThis n' est pas présent/non détecté sur ton Pc, il le téléchargera (autorise l' accès dans ton pare-feu si demandé et accepte la licence).
Lorsque l' analyse sera terminée, deux fichiers texte s' ouvriront.
Poste le contenu de log.txt (celui qui s' ouvre) ainsi que info.txt qui est dans la Barre des Tâches
NB : Ces rapports sont enregistrés dans le dossier C:\rsit
Tuto : https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
|
|
Posté le 12/08/2009 à 12:44 |
Petit astucien
|
Cest là qu'est le problème...
Dès que j'essaie de télécharger, la fenêtre suivante s'ouvre:
<<C:\Windows\system32\DATA(D:)\TEMP
ne pourra être enregistré car une erreur inconnue est survenue
Essayez d'enregistrer le fichier ailleurs>>
Et je ne sais comment enregistrer le fichier ailleurs...
Je ne peux donc exécuter cette manoeuvre...
Merci pour ta patience...
|
|
Posté le 12/08/2009 à 14:35 |
Petit astucien
| Voilà... Je pense avoir trouvé...
C'est en déplaçant
TEMP et TMP que j'ai dû faire une bêtise !
Le titre de l'astuce était: Déplacer le dossier temporaire...
Je sais comment retourner dans le champ valeur de la variable mais non comment saisir le chemin d'accès vers le dossier initial.
|
|
Posté le 12/08/2009 à 21:36 |
Nouvel astucien
| Jjanloup a écrit :
> Je sais comment retourner dans le champ valeur de la variable mais non comment saisir le chemin d'accès vers le dossier initial.
Bonsoir Jjanloup,
> Tu devrais poser la question au forum Vista et revenir ici : https://forum.pcastuces.com/windows_vista-f28
A+ |
|
Erreur d'exécution '481': Image incorrecte
À LA UNE
PRATIQUE
LOGITHÈQUE
TABLETTE ET MOBILE
BONS PLANS
FONDS D'ÉCRAN
JEUX
FORUM
