avast n arrive pas a me sortir win 32 horst

Question

g telecharger bit defender, the cleaner mais rien a faire. ce matin g du peniblement restaurer m ordi a une date anterieure car je ne pouvais plus rien en faire pfffffffffffffffffff aidez moi

Séb08 · Answer

a part ça tu connais les mots 

BONJOUR
SVP
MERCI

?

ludossegor · Answer

g telechargé hijackthis commLogfile of HijackThis v1.99.1
Scan saved at 14:10:36, on 10/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32undll32.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exinjs.a2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\WCDTJ1AB\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: torrent_search Toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files	orrent_search	btorr.dll
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: torrent_search Toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files	orrent_search	btorr.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: torrent_search Toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files	orrent_search	btorr.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - http://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe

e on conseille aux autres et voila ???

Séb08 · Answer

slt,

e on conseille aux autres et voila ???

que veut dire cette phrase ??

=========================
Avant toutes chose désinstalle et réinstalle correctement hijack car tu l'as mal installé là ou il est , et tu n'auras pas accès aux backups en cas de mauvaise manip donc réinstalle comme suit :

Dézippe le dans un dossier prévu à cet effet. 

Par exemple C:\hijackthis < Enregistre le bien dans c : ! 

Démo (merci à Balltrap) :
instalation hijackthis
http://pageperso.aol.fr/balltrap34/Hijenr.gif

=======================

Télécharge SDFix sur ton bureau 

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe 

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. 
Redémarre ton ordinateur en mode sans échec (redemarrage + tapotte sans arret sur F8 desque l'ordi s'allume) 
Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.bat pour lancer le script. 
Appuie sur Y pour commencer le processus de nettoyage. 
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer. 
Appuie sur une touche pour redémarrer le PC. 
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers. 
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished. 
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau. 
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt. 

Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !


a+

Séb08 · Answer

tu as fait la manip avec Sdfix ?

ou est le rapport ?

a+

ludossegor · Answer

voila ce rappo
SDFix: Version 1.64

Run by: Propri‚taire - 10/02/2007 @ 18:29:23,79

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services: 

Name:

Path:


Restoring Windows Registry Entries
Restoring Default Hosts File


Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINDOWS\system\smss.exe - Deleted



ADS Check:

C:\WINDOWS\system32
No streams found.

                                 Final Check:


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\i-Media\ims.exe"="C:\Program Files\i-Media\ims.exe:*:Enabled:i-Minitel Serveur"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Lemoncast\lemoncast.exe"="C:\Program Files\Lemoncast\lemoncast.exe:*:Disabled:OneClick"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe"="C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp"="C:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp:*:Disabled:KazaaLite"
"C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp"="C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp:*:Enabled:kazaalite"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\83exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\83exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\13exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\13exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\61exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\61exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\63exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\63exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\87exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\87exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\6exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\6exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\12exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\12exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\91exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\91exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\72exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\72exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\92exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\92exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\44exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\44exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\80exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\80exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\20exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\20exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\29exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\29exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\58exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\58exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\85exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\85exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\82exmodul32f.c.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\82exmodul32f.c.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exmodul32f.c.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exmodul32f.c.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exmodul32f.c.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\97exmodul32f.c.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\20exmodul32f.c.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\20exmodul32f.c.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\27exmodul32f.c.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\27exmodul32f.c.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\13exmodul32f.c.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\13exmodul32f.c.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\61exmodul32f.c.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\61exmodul32f.c.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\51exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\51exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\37exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\37exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exmodul32f.c.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exmodul32f.c.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\44exmodul32f.c.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\44exmodul32f.c.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\1exmodul32f.c.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\1exmodul32f.c.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\27exinjs.r.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\27exinjs.r.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\52exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\52exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\27exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\27exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\93exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\93exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\96exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\96exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\17exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\17exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\4exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\4exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\85exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\85exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\84exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\84exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\3exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\3exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\69exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\69exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\25exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\25exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\71exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\71exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\49exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\61exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\61exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\30exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\30exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\54exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\54exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\1exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\1exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\24exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\24exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\55exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\55exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\74exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\74exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\35exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\35exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\14exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\14exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\5exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\5exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\45exmodul32f.d.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\45exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\62exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\62exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\82exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\82exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\37exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\37exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\38exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\38exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\86exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\86exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\72exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\72exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\12exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\12exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\95exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\95exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\17exinjs.s.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\17exinjs.s.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\7exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\7exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\53exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\53exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\14exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\14exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\89exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\89exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\78exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\78exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\34exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\34exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\92exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\92exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\10exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\21exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\21exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\67exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\67exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\48exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\48exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\93exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\93exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\69exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\69exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\55exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\55exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\68exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\68exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\0exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\0exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\20exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\20exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\1exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\1exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\84exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\84exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\40exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\40exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\91exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\91exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\12exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\12exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\24exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\24exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\26exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\23exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\73exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\71exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\71exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\19exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\19exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\52exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\52exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\77exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\77exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\42exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\42exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\51exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\51exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\25exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\25exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\4exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\4exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\38exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\38exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\16exinjs.t.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\16exinjs.t.exe:*:Enabled:Microsoft Update"
"C:\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe"="C:\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe:*:Enabled:Reversi sur Internet"
"C:\Program Files\Shareaza\skin.exe"="C:\Program Files\Shareaza\skin.exe:*:Enabled:skin.exe"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\16exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\16exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\76exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\96exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\96exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\74exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\74exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\5exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\5exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\56exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\56exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\78exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\78exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\57exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\39exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\39exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\88exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\19exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\19exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\17exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\17exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\52exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\52exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\33exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\91exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\91exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\15exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\71exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\71exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\25exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\25exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\0exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\0exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\31exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\35exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\35exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\44exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\44exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\22exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\11exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\43exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\40exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\40exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\90exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\67exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\67exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\64exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\64exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\58exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\58exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\30exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\30exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\41exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\50exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\62exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\62exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\2exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\2exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\29exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\29exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\72exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\72exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\9exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\32exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\60exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\70exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\75exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\28exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\38exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\38exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\47exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\8exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\8exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\79exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\98exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\94exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\20exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\20exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\68exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\68exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\7exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\7exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\18exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\18exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\85exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\85exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\95exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\95exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\69exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\69exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\65exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\93exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\93exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\21exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\21exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\99exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\82exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\82exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\77exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\77exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\59exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\59exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\48exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\48exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\66exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\12exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\12exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\24exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\24exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\14exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\14exinjs.a2.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\34exinjs.a2.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\34exinjs.a2.exe:*:Enabled:Microsoft Update"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"


Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip


Checking For Files with Hidden Attributes :

C:\Documents and Settings\All Users\Application Data\Symantec\Ghost\Template\common\MSDOS\COMMAND.COM
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Gnarls_Barkley-St._Elsewhere-2006-wWw.TodoRiper.com\AlbumArtSmall.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Gnarls_Barkley-St._Elsewhere-2006-wWw.TodoRiper.com\Folder.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Jay-Z.And.Notorious.Big.-.The.Commission.2006.MP3.192kbps.[MP3-ES.com]\AlbumArtSmall.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Jay-Z.And.Notorious.Big.-.The.Commission.2006.MP3.192kbps.[MP3-ES.com]\Folder.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\AlbumArtSmall.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\AlbumArt_{2ADA1DB4-E552-48B2-9DD6-2935D6B4436B}_Large.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\AlbumArt_{2ADA1DB4-E552-48B2-9DD6-2935D6B4436B}_Small.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\AlbumArt_{B03F43D3-1666-4120-8BAD-AD78B26C0D3C}_Large.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\AlbumArt_{B03F43D3-1666-4120-8BAD-AD78B26C0D3C}_Small.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\AlbumArt_{BD6010D9-3A07-4F7E-8E91-FD8EBE86B012}_Large.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\AlbumArt_{BD6010D9-3A07-4F7E-8E91-FD8EBE86B012}_Small.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\AlbumArt_{F7926298-D562-44D3-8F76-59A1D5E01044}_Large.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\AlbumArt_{F7926298-D562-44D3-8F76-59A1D5E01044}_Small.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\desktop.ini
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Kurupt - Days of A Dogg Pound Gangsta Volume I  .[WwW.LiMiTeDiVx.CoM].By KELOLO\Folder.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\AlbumArtSmall.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\desktop.ini
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\Folder.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\AlbumArtSmall.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\AlbumArt_{E987921D-6E4F-4403-BEE5-641EFB7861EC}_Large.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\AlbumArt_{E987921D-6E4F-4403-BEE5-641EFB7861EC}_Small.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\desktop.ini
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\Method Man - 4-21 The Day After (2006) - Rap [www.torrentazos.com]\Folder.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Soraya_Arnelas-Corazon_De_Fuego-[2005]WWW.Fexixp2p.com\AlbumArtSmall.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Soraya_Arnelas-Corazon_De_Fuego-[2005]WWW.Fexixp2p.com\Folder.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\VA-My_Playlist_By_Joey_Starr_(Mixed_By_DJ_James)-FR-2006-z3rtyy.Skyblog.Com\AlbumArtSmall.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\VA-My_Playlist_By_Joey_Starr_(Mixed_By_DJ_James)-FR-2006-z3rtyy.Skyblog.Com\AlbumArt_{E982CB7B-60B7-462B-A42E-FA7D5225C9B3}_Large.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\VA-My_Playlist_By_Joey_Starr_(Mixed_By_DJ_James)-FR-2006-z3rtyy.Skyblog.Com\AlbumArt_{E982CB7B-60B7-462B-A42E-FA7D5225C9B3}_Small.jpg
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\VA-My_Playlist_By_Joey_Starr_(Mixed_By_DJ_James)-FR-2006-z3rtyy.Skyblog.Com\desktop.ini
C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\VA-My_Playlist_By_Joey_Starr_(Mixed_By_DJ_James)-FR-2006-z3rtyy.Skyblog.Com\Folder.jpg
C:\WINDOWS\system32\wxpmin.dll
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Picasa2\setup.exe
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\Program Files\Google\Google Desktop Search\BIT2.tmp
C:\Program Files\Google\Google Desktop Search\BIT4.tmp

                                 Finished
rt :

Séb08 · Answer

Ou en sont tes probs ?

a+

ludossegor · Answer

salut seb. je ne c pas si tu as vu le rapport ? depuis ce temps la avast ne localise plus le virus... par contre g des soucis avec wma ma bibliotheque son ??? penses tu que c en rapport ( g des ralentissements sur tout des que wma est ouvert en + ca fonctionne tres mal dedans wma aussi. merci a toi. ludo

Séb08 · Answer

non désolé je n'avais pas vu ...

ok

fais la manip avec ce log 

* cleanup40 (nettoyeur de cookies+temps+tempos+prefetch+historique+etc..)
Démo :
 http://pageperso.aol.fr/balltrap34/democleanup.htm 
Téléchargement :
 http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
Lance le, vérifie que tu es bien en "option standard" (cf démo), ensuite [cleanup] à la fin tu auras une fenêtre qui s'ouvre clique sur [oui], ton PC va redémarrer.

========
ensuite :

- > Pour vérifier, scanne ton PC avec cet antivirus en ligne (sous IE et accepte l’activX) : 
http://www.bitdefender.fr/bd/site/search.php#
Clique sur « Bitdefender scan on line »  suis les instructions.
Démo (merci à balltrap pour cette démo) :
http://pageperso.aol.fr/rginformatique/mapage/defender.htm

Et colle le rapport.

a+

ludossegor · Answer

salut seb. g bien tout fait et depuis avast ne sonne plus. maintenant g des gros problemes dans wma qui ne peux presk plus ni lire ni graver un cd et ki me fait planter le pc. g aussi lancer un spybot : rien et un avast cleaner : rien non plus. voila le rapport. merci a toi. ludo.BitDefender Online Scanner
  
  
 
Rapport d'analyse généré à: Mon, Feb 12, 2007 - 22:34:09
 
 
  
  
 
Voie d'analyse: A:\;C:\;D:\;
  
  
 
 
  
  
 
Statistiques
 
Temps
 01:04:59
 
Fichiers
 384260
 
Directoires
 5687
 
Secteurs de boot
 2
 
Archives
 1846
 
Paquets programmes
 46518
 
  
  
 
Résultats
 
Virus identifiés
 1
 
Fichiers infectés
 2
 
Fichiers suspects
 0
 
Avertissements
 0
 
Désinfectés
 0
 
Fichiers effacés
 2
 
  
  
 
Info sur les moteurs
 
Définition virus
 420522
 
Version des moteurs
 AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)
 
Analyse des plugins
 14
 
Archive des plugins
 38
 
Unpack des plugins
 6
 
E-mail plugins
 6
 
Système plugins
 1
 
  
  
 
Paramètres d'analyse
 
Première action
 Désinfecté
 
Seconde Action
 Supprimé
 
Heuristique
 Oui
 
Acceptez les avertissements
 Oui
 
Extensions analysées
 *;
 
Excludez les extensions
  
 
Analyse d'emails
 Oui
 
Analyse des Archives
 Oui
 
Analyser paquets programmes
 Oui
 
Analyse des fichiers
 Oui
 
Analyse de boot
 Oui
 
  
  
 
  Fichier analysé
  Statut
 
C:\SDFix\backups\backups.zip=>backups/smss.exe
 Infecté par: DeepScan:Generic.Horst.E8CBAFEF
 
C:\SDFix\backups\backups.zip=>backups/smss.exe
 Echec de la désinfection
 
C:\SDFix\backups\backups.zip=>backups/smss.exe
 Supprimé
 
C:\SDFix\backups\backups.zip
 Mis à jour
 
C:\System Volume Information\_restore{D5C1AF1D-DB36-42D4-B2E9-9AB5A2448CEB}\RP5\A0000194.exe
 Infecté par: DeepScan:Generic.Horst.E8CBAFEF
 
C:\System Volume Information\_restore{D5C1AF1D-DB36-42D4-B2E9-9AB5A2448CEB}\RP5\A0000194.exe
 Echec de la désinfection
 
C:\System Volume Information\_restore{D5C1AF1D-DB36-42D4-B2E9-9AB5A2448CEB}\RP5\A0000194.exe
 Supprimé

Séb08 · Answer

ok supprime C:\SDFix

tu as quel version de Windows media player ?

Normalement on est à la verison 11 essaye de le mettre à jour si tu n'es pas à cette version.

a+

Séb08 · Answer

Le rapport de Bitdefender montre que tu avais encore SDfix d'installé et que ta resto etait infectée mais le scan a bien fait son boulot.

tu as ces probs depuis quand ?

a+

Séb08 · Answer

Rien a voir avec mes manips l'ami ....

Si tu veux en être sur fais une restauration de ton système et vois si tu as toujours le prob.

a+

Séb08 · Answer

Démarrer -> tous les progs -> accessoires -> outils système -> restauration système

Pour la date c'est toi qui voit , mais sache que tes probs vont réapparaitre a mon avis ...

Enfin ....

Bye

Séb08 · Answer

remet un log hijack on va l'allerger un peu au démarrage.

a+

Séb08 · Answer

ok

Télécharge Blacklight (de F-Secure):
https://www.f-secure.com/en


En bas de la page qui s'affiche clique sur "I accept".
Sur la nouvelle page qui s'affiche cliques sur le lien :
"Download Blacklight Beta Graphical user interface version",
 la fenêtre s'ouvre pour l'enregistrement, enregistre le sur ton bureau.

Quitte la fenêtre .

* Maintenant l'icone blbeta.exe doit être présent sur ton bureau
 -> double clic dessus, coche  "I accept the agreement"
 -> clique [next]  -> clique [scan]

Laisse le scanner.

Lorsque le scan est fini clique sur [next] -> [exit]

Tu verras un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Double clic dessus et copie et colle le contenu de ce rapport STP


=========================

Relance Hijack,choisi « do a scan only » ou « scanner seulement » coches ces lignes :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens 

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe 

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) 


Ferme toutes les fenêtres actives autres que HijackThis!, navigateur inclus, puis clique « Fix checked » ou « fixer objet ». Ferme HijackThis!

========================

désinstalle la windows live toolbar qui ne t'es d'aucune utilité.

a+

Avast n arrive pas a me sortir win 32 horst

15 réponses

Votre réponse

Discussions similaires

Newsletters