Sujet Précédent Sujet Suivant

Mon pc rame......

Résolu
alex -  
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité -
bonjour, depuis peu je trouve que mon pc rame, de plus une icone du courrier electronique d'avast reste constamment affichée ds ma barre de tache.... voici mon log hijackthis.
merci d'avance de votre aide:
Logfile of HijackThis v1.99.1
Scan saved at 15:54:34, on 30/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\program files\steam\steam.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\WgaTray.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.r.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\yoyo\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
A voir également:

5 réponses

Réponse 1 / 5
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut

quelques saltés ... as tu un parfeu ???

Télécharge SDFix sur ton bureau

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
Redémarre ton ordinateur en mode sans échec
Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.bat pour lancer le script.
Appuie sur Y pour commencer le processus de nettoyage.
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
Appuie sur une touche pour redémarrer le PC.
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

++
0
Réponse 2 / 5
alex
 
merci de ton aide, voici mes logs :
log sdfix :

SDFix: Version 1.44
-------------------

30/11/2006 - 16:33:46,53

Microsoft Windows XP [version 5.1.2600]

Running from C:\SDFix

Stage One - Safe Mode
Service Check...

Service Name:
------------

FilePath:
--------

Starting Registry Repairs...

Restoring Default Hosts File...

Stage One Complete

Rebooting...

Stage Two - Normal Mode

Checking For Malware:
--------------------

C:\DOCUME~1\yoyo\LOCALS~1\Temp\10exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\10exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\10exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\11exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\11exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\13exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\13exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\14exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\14exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\14exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\14exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\15exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\15exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\15exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\16exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\16exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\16exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\16exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\17exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\19exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\1exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\20exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\21exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\21exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\21exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\23exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\23exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\23exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\23exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\24exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\25exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\25exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\25exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\25exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\26exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\26exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\27exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\27exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\27exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\28exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\28exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\2exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\30exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\30exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\30exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\31exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\31exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\32exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\32exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\32exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\33exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\33exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\34exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\35exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\35exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\36exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\36exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\36exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\36exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\37exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\37exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\37exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\38exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\39exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\3exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\40exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\41exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\43exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\43exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\44exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\45exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\45exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\45exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\46exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\47exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\47exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\48exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\48exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\49exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\4exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\4exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\4exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\50exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\51exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\53exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\53exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\53exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\54exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\54exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\54exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\57exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\57exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\58exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\59exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\59exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\5exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\5exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\60exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\60exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\60exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\61exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\62exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\62exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\63exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\63exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\63exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\64exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\64exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\65exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\66exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\66exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\66exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\67exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\67exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\67exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\68exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\68exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\68exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\69exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\69exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\69exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\6exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\70exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\70exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\70exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\71exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\71exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\73exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\73exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\74exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\75exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\76exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\76exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\76exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\76exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\76exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\78exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\79exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\79exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\7exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\80exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\83exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\83exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\84exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\84exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\85exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\85exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\87exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\87exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\87exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\87exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\88exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\88exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\88exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\88exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\89exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\89exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\89exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\8exinjs.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\8exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\8exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\90exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\90exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\92exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\92exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\92exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\93exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\93exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\93exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\93exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\94exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\94exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\94exssd32.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\95exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\96exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\96exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\96exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\97exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\97exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\97exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\98exhdd.l.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\98exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\98exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\99exssd32.o.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\9exhdd.m.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\9exinjs.r.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\9exmodul32e.q.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\9exssd32.p.exe
C:\DOCUME~1\yoyo\LOCALS~1\Temp\setup.exe
C:\WINDOWS\system\smss.exe

Backing Up and Removing any Files Found...

Final Check:

Services:
---------

Authorized Applications Export:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Enabled:eMule
C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe REG_SZ C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home
C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe REG_SZ C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime
C:\Program Files\Wolfenstein - Enemy Territory\ET.exe REG_SZ C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET
C:\Sierra\Half-Life\hl.exe REG_SZ C:\Sierra\Half-Life\hl.exe:*:Enabled:Half-Life Launcher
C:\Program Files\Steam\SteamApps\alexandre.bordas@laposte.net\counter-strike\hl.exe REG_SZ C:\Program Files\Steam\SteamApps\alexandre.bordas@laposte.net\counter-strike\hl.exe:*:Enabled:Half-Life Launcher
C:\Program Files\Steam\SteamApps\alexandre.bordas@laposte.net\dedicated server\hlds.exe REG_SZ C:\Program Files\Steam\SteamApps\alexandre.bordas@laposte.net\dedicated server\hlds.exe:*:Enabled:HLDS Launcher
C:\Program Files\Jeux classiques\Bin\CmCenterV2.exe REG_SZ C:\Program Files\Jeux classiques\Bin\CmCenterV2.exe:*:Enabled:CmCenter Module
C:\WINDOWS\system32\svchost.exe REG_SZ C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Update
C:\Program Files\Steam\SteamApps\alexandre.bordas@laposte.net\day of defeat\hl.exe REG_SZ C:\Program Files\Steam\SteamApps\alexandre.bordas@laposte.net\day of defeat\hl.exe:*:Enabled:Half-Life Launcher
C:\Program Files\MSN Messenger\msnmsgr.exe REG_SZ C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5
C:\WINDOWS\system32\dpvsetup.exe REG_SZ C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test
C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
C:\DOCUME~1\yoyo\LOCALS~1\Temp\37exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\37exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\62exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\62exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\79exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\79exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\89exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\89exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\59exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\59exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\39exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\39exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\86exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\86exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\81exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\81exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\67exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\67exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\22exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\22exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\43exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\43exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\2exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\2exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\83exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\83exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\41exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\41exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\9exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\9exinjs.o.exe:*:Enabled:Microsoft Update
C:\Program Files\Morpheus\Morpheus.exe REG_SZ C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:M5Shell
C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\55exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\55exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\25exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\25exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\52exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\52exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\63exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\63exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\64exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\64exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\97exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\97exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\98exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\98exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\49exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\49exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\5exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\5exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\18exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\18exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\23exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\23exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\93exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\93exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\45exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\45exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\20exinjs.o.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\20exinjs.o.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\44exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\44exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\95exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\95exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\52exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\52exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\74exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\74exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\37exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\37exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\65exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\65exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\22exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\22exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\9exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\9exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\6exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\6exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\98exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\98exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\21exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\21exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\83exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\83exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\43exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\43exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\57exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\57exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\42exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\42exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\91exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\91exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\46exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\46exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\17exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\17exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\51exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\51exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\2exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\2exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\66exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\66exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\18exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\18exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\53exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\53exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\11exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\11exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\61exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\61exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\71exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\71exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\73exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\73exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\82exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\82exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\62exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\62exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\35exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\35exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\90exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\90exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\69exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\69exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\16exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\16exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\26exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\26exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\80exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\80exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\78exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\78exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\85exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\85exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\4exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\4exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\27exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\27exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\84exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\84exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\10exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\10exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\59exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\59exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\63exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\63exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\33exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\33exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\49exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\49exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\34exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\34exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\3exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\3exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\32exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\32exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\89exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\89exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\5exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\5exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\28exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\28exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\58exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\58exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\38exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\38exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\94exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\94exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\68exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\68exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\7exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\7exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\30exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\30exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\87exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\87exinjs.p.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.p.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.p.exe:*:Enabled:Microsoft Update
C:\WINDOWS\system32\mshta.exe REG_SZ C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft (R) HTML Application host
C:\DOCUME~1\yoyo\LOCALS~1\Temp\58exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\58exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\3exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\3exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\35exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\35exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\81exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\81exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\0exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\0exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\51exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\51exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\75exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\75exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\54exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\54exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\60exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\60exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\24exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\24exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\33exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\33exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\78exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\78exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\57exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\57exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\5exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\5exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\12exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\12exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\19exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\19exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\18exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\18exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\74exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\74exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\1exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\1exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\55exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\55exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\61exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\61exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\87exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\87exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\32exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\32exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\99exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\99exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\21exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\21exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\67exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\67exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\62exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\62exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\43exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\43exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\20exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\20exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\69exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\69exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\38exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\38exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\42exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\42exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\39exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\39exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\59exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\59exinjs.q.exe:*:Enabled:Microsoft Update
C:\Program Files\Skype\Phone\Skype.exe REG_SZ C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
C:\DOCUME~1\yoyo\LOCALS~1\Temp\7exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\7exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\50exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\50exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\22exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\22exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\27exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\27exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\76exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\76exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\17exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\17exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\26exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\26exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\40exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\40exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\16exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\16exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\48exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\48exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\83exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\83exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\79exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\79exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\14exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\14exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\23exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\23exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\53exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\53exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\71exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\71exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\10exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\10exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\36exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\36exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\8exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\8exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\37exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\37exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\88exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\88exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\11exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\11exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\63exinjs.q.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\63exinjs.q.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\45exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\45exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\70exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\70exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\98exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\98exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\19exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\19exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\2exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\2exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\3exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\3exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\94exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\94exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\89exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\89exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\71exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\71exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\87exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\87exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\29exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\90exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\90exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\25exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\25exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\35exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\35exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\64exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\64exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\9exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\9exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\77exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\76exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\76exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\97exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\97exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\54exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\54exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\15exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\15exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\11exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\11exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\41exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\41exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\32exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\32exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\47exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\47exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\93exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\93exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\60exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\60exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\72exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\4exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\4exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\96exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\96exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\1exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\1exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\92exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\92exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\56exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\44exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\44exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\57exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\57exinjs.r.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\yoyo\LOCALS~1\Temp\67exinjs.r.exe REG_SZ C:\DOCUME~1\yoyo\LOCALS~1\Temp\67exinjs.r.exe:*:Enabled:Microsoft Update
C:\WINDOWS\system32\rtcshare.exe REG_SZ C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\MSN Messenger\msnmsgr.exe REG_SZ C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5

Files:
------

Checking For Hidden Files:

C:\Documents and Settings\yoyo\Mes documents\Mes images\photo mariage\SecurDataStorRM\Files\CopyFile.exe
C:\Documents and Settings\yoyo\Mes documents\Mes images\photo mariage\SecurDataStorRM\Files\SecurDataStor.exe
C:\Documents and Settings\yoyo\Mes documents\Mes images\photo mariage\SecurDataStorRM\Files\Viewer.exez
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\Documents and Settings\yoyo\Mes documents\Mes images\photo mariage\SecurDataStorRM\Files\msghxx.dllz
C:\Documents and Settings\yoyo\Mes documents\Mes images\photo mariage\SecurDataStorRM\Files\MSVCR71.DLLz
C:\WINDOWS\msdownld.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\0925d873fc4b623a324e790f1b1a6e0d\download\BITA.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\5224af626898b31ba0c7476966921e26\download\BIT5.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\5a0d771158cfd69be5ddd26d8f58c73b\BIT9.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\8988720990da37d89648162c2c038171\download\BIT4.tmp

Backups folder: - C:\SDFix\backups\backups.zip

FINISHED!
et mon log hijack this :
Logfile of HijackThis v1.99.1
Scan saved at 17:22:12, on 30/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\program files\steam\steam.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
C:\Documents and Settings\yoyo\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
0
Réponse 3 / 5
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
re

# Relance HijackThis : choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked" :

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll

O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll

O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

==> Cliques sur :

demarrer < executer < tapes : services.msc

cherches dans la liste cette ligne et regles la sur "desactivé"

==> cherche et supprimer le dossier en gras :

C:\Program Files\GamesBar\oberontb.dll

# ensuite, télécharge et execute ceci :

* CleanUp40 (qui élimine les fichiers temporaires + cookies : gratuit )
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe

tuto : (merci à Balltrap) http://pageperso.aol.fr/balltrap34/democleanup.htm

* Ccleaner : Telecharge et installe ceci, dans la colonne de gauche clique sur "erreurs" coche toute les cases, puis clique en bas sur "chercher des erreurs" une fois finit, clique sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs .

*Relance Ccleaner ,vas dans l'onglet "nettoyeur" present sur la gauche, decoche la derniere case (Avancé si elle
est cochée) puis clique sur "lancer le nettoyage"

ccleaner

tuto: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

et enfin, fais le 1/ et 2/ de ce lien stp :

virus methode preliminaire de desinfection version fr

++

On peut aussi bâtir quelque chose de beau avec les pierres qui entravent le chemin ( J.W.VON GOETHE
)
0
Réponse 4 / 5
alex
 
encore merci de ton aide tres precieuse...
j'ai bien effectuer tout ce que tu m'as dit sauf qu'a un moment tu me demande de faire "services.msc" et de cocher cette ligne mais quelle ligne dois-je cocher ???
encore milles merci
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut

oups! desolée, un oubli de ma part !

==> Cliques sur :

demarrer < executer < tapes : services.msc

cherches dans la liste cette ligne et regles la sur "desactivé"

France Telecom Routing Table Service (FTRTSVC)

++

On peut aussi bâtir quelque chose de beau avec les pierres qui entravent le chemin ( J.W.VON GOETHE
)
0