élevage de chevaux de troie... panique!!
Cyril
-
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Salut à tous. G un gros pb qui me dépasse!!
C'est à propos de mon antivirus. G avast et ça fait une dizaine de jours qu'il m'envoie le mm signal d'alerte, je serais infectée par des chevaux de troie:
-Win32:horst-GZ
-Win 32:agent-VM
-Win 32: horst-HV
-Win32:horst-HW
...... et je sais pas quoi faire!!!
Qqun peut- il m'expliquer simplement??????????
C'est à propos de mon antivirus. G avast et ça fait une dizaine de jours qu'il m'envoie le mm signal d'alerte, je serais infectée par des chevaux de troie:
-Win32:horst-GZ
-Win 32:agent-VM
-Win 32: horst-HV
-Win32:horst-HW
...... et je sais pas quoi faire!!!
Qqun peut- il m'expliquer simplement??????????
A voir également:
- élevage de chevaux de troie... panique!!
- Logiciel gestion élevage gratuit - Télécharger - Vie quotidienne
- Comment supprimer cheval de troie gratuitement - Télécharger - Antivirus & Antimalwares
- Jeux de petit chevaux gratuit à télécharger - Télécharger - Jeux vidéo
- Ordinateur bloqué cheval de troie - Accueil - Arnaque
- Cheval de troie virus - Accueil - Virus
5 réponses
Bienvenue sur le forum d’entraide de CommentCaMarche.net
Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.
Télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
A+
Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.
Télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
A+
Cyril
merci d'avoir repondu mais comme je suis pas du tout technique G pas conpris tes explications, tu peux étre plus simple ?
Hello
Que n'as tu pas compris dans ce que je demande?
A+
Que n'as tu pas compris dans ce que je demande?
A+
Coucou.. Beh c'est à partir de "dézippe", c'est du chinois pour moi!! En fait, avast n'arrête pas de m'envoyer le mm signal, me conseille de le mettre en quarantaine, ce que je fais, mais après, je sais plus quoi faire. Ya un truc aussi, je fais le "scan" des fichiers infectés et là, en mm tps que je reçois le signal d'un cheval de troie, une fenetre s'ouvre en me disant que "la destruction du virus a été effectué avec succès"... qu'en penses- tu, c'est grave docteur??
Bon, en me prenant la tête, j'ai compris tes explications, voilà le résultat. Si tu pouvais y jeter un coup d'oeil ça serait cool. Merci d'avance.
Logfile of HijackThis v1.99.1
Scan saved at 15:09:12, on 03/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SuperCopier\SuperCopier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natspeak.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\DOCUME~1\DEVRIC~1\LOCALS~1\Temp\24exinjs.a9.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.ircfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.exe" -r "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.ini"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natspeak.exe
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Mémento.lnk = C:\QUICKENW\billmind.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Logfile of HijackThis v1.99.1
Scan saved at 15:09:12, on 03/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SuperCopier\SuperCopier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natspeak.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\DOCUME~1\DEVRIC~1\LOCALS~1\Temp\24exinjs.a9.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.ircfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.exe" -r "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.ini"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natspeak.exe
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Mémento.lnk = C:\QUICKENW\billmind.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Ok super t as réussi a le faire.
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
Merci pour ton accompagnement, c'est vraiment sympa.
Alors voici le report truc!!:
SDFix: Version 1.81
Run by DEVRICHIAN Nathalie - 03/05/2007 - 22:18:17,34
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service
Rebooting...
Normal Mode:
Checking Files:
Below files will be copied to Backups folder then removed:
C:\DOCUME~1\DEVRIC~1\LOCALS~1\Temp\autorun.inf - Deleted
C:\WINDOWS\odbc.INI - Deleted
C:\WINDOWS\system\smss.exe - Deleted
Removing Temp Files
ADS Check:
Checking if ADS is attached to system32 Folder
C:\WINDOWS\system32
No streams found.
Checking if ADS is attached to svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Hercules\\Hercules DualPix HD Webcam\\Station2.exe"="C:\\Program Files\\Hercules\\Hercules DualPix HD Webcam\\Station2.exe:*:Enabled:Hercules Webcam Station Evolution"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\\Documents and Settings\\DEVRICHIAN Nathalie\\Local Settings\\Temporary Internet Files\\Content.IE5\\1009PT4X\\installer-9093-17-Nero-7-7-5-9-0-French[1].exe"="C:\\Documents and Settings\\DEVRICHIAN Nathalie\\Local Settings\\Temporary Internet Files\\Content.IE5\\1009PT4X\\installer-9093-17-Nero-7-7-5-9-0-French[1].exe:*:Enabled:installer-9093-17-Nero-7-7-5-9-0-French[1]"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\9exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\9exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\82exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\82exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\76exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\76exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\75exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\75exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\54exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\54exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\18exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\18exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\7exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\7exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\25exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\25exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\66exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\66exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\10exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\10exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\53exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\53exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\14exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\14exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\51exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\51exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\94exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\94exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\49exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\49exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\22exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\22exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\20exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\20exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\42exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\42exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\40exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\40exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\68exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\68exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\56exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\56exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\60exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\60exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\19exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\19exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\90exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\90exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\85exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\85exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\67exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\67exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\16exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\16exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\9exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\9exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\43exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\43exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\46exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\46exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\44exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\44exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\93exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\93exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\18exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\18exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\96exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\96exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\95exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\95exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\70exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\70exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\81exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\81exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\3exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\3exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\87exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\87exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\86exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\86exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\30exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\30exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\39exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\39exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\1exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\1exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\73exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\73exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\45exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\45exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\22exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\22exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\55exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\55exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\61exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\61exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\58exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\58exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\73exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\73exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\83exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\83exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\80exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\80exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\45exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\45exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\0exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\0exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\72exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\72exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\76exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\76exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\60exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\60exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\53exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\53exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\31exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\31exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\91exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\91exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\78exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\78exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\6exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\6exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\95exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\95exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\72exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\72exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\94exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\94exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\92exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\92exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\68exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\68exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\30exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\30exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\14exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\14exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\80exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\80exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\5exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\5exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\38exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\38exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\90exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\90exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\11exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\11exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\86exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\86exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\51exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\51exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\29exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\29exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\99exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\99exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\44exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\44exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\58exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\58exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\63exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\63exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\16exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\16exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\48exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\48exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\88exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\88exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\25exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\25exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\62exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\62exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\70exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\70exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\54exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\54exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\12exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\12exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\13exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\13exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\85exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\85exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\46exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\46exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\91exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\91exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\24exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\24exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\31exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\31exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\21exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\21exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\52exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\52exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\97exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\97exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\64exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\64exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\56exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\56exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\3exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\3exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\74exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\74exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\28exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\28exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\75exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\75exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\4exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\4exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\7exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\7exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\42exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\42exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\49exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\49exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\77exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\77exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\66exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\66exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\34exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\34exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\87exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\87exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\19exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\19exinjs.a9.exe:*:Enabled:Microsoft Update"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
Backups Folder: - C:\SDFix\backups\backups.zip
Checking For Files with Hidden Attributes:
C:\Program Files\Fichiers communs\aolshare\shell\fr\shellext.dll
C:\Program Files\AOL 9.0\aolphx.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL 9.0\RBM.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\assistant.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\audio.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\extrnprc.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\modmerge.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natlink.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natspeak.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\nsadmin.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\nsbrowse.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\nsencinh.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\nsencrpt.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\sapitst2.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\savewave.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\tgssfile.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\vocsav3.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\vocsav4.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\voctool.exe.local
C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL0002.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL0005.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL1704.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL2667.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL3033.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL3103.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL0232.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL0946.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL1263.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL1774.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL2395.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL2398.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL3512.tmp
Finished
Et maintenant, où en est-on??
Alors voici le report truc!!:
SDFix: Version 1.81
Run by DEVRICHIAN Nathalie - 03/05/2007 - 22:18:17,34
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service
Rebooting...
Normal Mode:
Checking Files:
Below files will be copied to Backups folder then removed:
C:\DOCUME~1\DEVRIC~1\LOCALS~1\Temp\autorun.inf - Deleted
C:\WINDOWS\odbc.INI - Deleted
C:\WINDOWS\system\smss.exe - Deleted
Removing Temp Files
ADS Check:
Checking if ADS is attached to system32 Folder
C:\WINDOWS\system32
No streams found.
Checking if ADS is attached to svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Hercules\\Hercules DualPix HD Webcam\\Station2.exe"="C:\\Program Files\\Hercules\\Hercules DualPix HD Webcam\\Station2.exe:*:Enabled:Hercules Webcam Station Evolution"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\\Documents and Settings\\DEVRICHIAN Nathalie\\Local Settings\\Temporary Internet Files\\Content.IE5\\1009PT4X\\installer-9093-17-Nero-7-7-5-9-0-French[1].exe"="C:\\Documents and Settings\\DEVRICHIAN Nathalie\\Local Settings\\Temporary Internet Files\\Content.IE5\\1009PT4X\\installer-9093-17-Nero-7-7-5-9-0-French[1].exe:*:Enabled:installer-9093-17-Nero-7-7-5-9-0-French[1]"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\9exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\9exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\82exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\82exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\76exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\76exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\75exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\75exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\54exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\54exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\18exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\18exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\7exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\7exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\25exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\25exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\66exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\66exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\10exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\10exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\53exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\53exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\14exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\14exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\51exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\51exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\94exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\94exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\49exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\49exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\22exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\22exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\20exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\20exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\42exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\42exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\40exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\40exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\68exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\68exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\56exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\56exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\60exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\60exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\19exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\19exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\90exinjs.a6.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\90exinjs.a6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\85exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\85exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\67exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\67exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\16exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\16exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\9exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\9exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\43exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\43exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\46exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\46exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\44exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\44exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\93exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\93exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\18exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\18exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\96exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\96exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\95exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\95exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\70exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\70exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\81exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\81exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\3exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\3exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\87exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\87exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\86exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\86exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\30exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\30exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\39exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\39exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\1exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\1exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\73exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\73exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\45exinjs.a7.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\45exinjs.a7.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\22exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\22exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\55exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\55exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\61exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\61exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\58exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\58exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\73exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\73exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\83exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\83exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\80exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\80exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\45exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\45exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\0exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\0exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\72exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\72exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\76exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\76exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\60exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\60exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\53exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\53exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\31exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\31exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\91exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\91exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\78exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\78exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\6exinjs.a8.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\6exinjs.a8.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\95exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\95exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\2exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\72exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\72exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\94exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\94exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\32exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\92exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\92exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\68exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\68exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\33exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\71exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\36exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\30exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\30exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\14exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\14exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\80exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\80exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\5exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\5exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\38exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\38exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\90exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\90exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\11exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\11exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\86exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\86exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\51exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\51exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\29exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\29exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\99exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\99exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\44exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\44exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\58exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\58exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\63exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\63exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\27exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\16exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\16exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\48exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\48exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\88exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\88exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\25exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\25exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\50exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\62exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\62exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\70exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\70exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\54exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\54exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\12exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\12exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\13exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\13exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\8exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\85exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\85exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\46exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\46exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\91exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\91exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\24exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\24exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\31exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\31exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\84exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\21exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\21exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\26exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\52exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\52exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\97exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\97exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\64exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\64exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\56exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\56exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\3exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\3exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\79exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\74exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\74exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\28exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\28exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\75exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\75exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\4exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\4exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\7exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\7exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\42exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\42exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\49exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\49exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\77exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\77exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\47exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\66exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\66exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\34exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\34exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\87exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\87exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\19exinjs.a9.exe"="C:\\DOCUME~1\\DEVRIC~1\\LOCALS~1\\Temp\\19exinjs.a9.exe:*:Enabled:Microsoft Update"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
Backups Folder: - C:\SDFix\backups\backups.zip
Checking For Files with Hidden Attributes:
C:\Program Files\Fichiers communs\aolshare\shell\fr\shellext.dll
C:\Program Files\AOL 9.0\aolphx.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\AOL 9.0\RBM.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\assistant.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\audio.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\extrnprc.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\modmerge.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natlink.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natspeak.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\nsadmin.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\nsbrowse.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\nsencinh.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\nsencrpt.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\sapitst2.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\savewave.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\tgssfile.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\vocsav3.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\vocsav4.exe.local
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\voctool.exe.local
C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL0002.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL0005.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL1704.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL2667.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL3033.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\~WRL3103.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL0232.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL0946.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL1263.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL1774.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL2395.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL2398.tmp
C:\Documents and Settings\DEVRICHIAN Nathalie\Mes documents\MEMOIRE\L'enquˆte de terrain\~WRL3512.tmp
Finished
Et maintenant, où en est-on??
Re,
execute ceci
Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
-aide en image:(merci à Balltrap34).
http://pageperso.aol.fr/balltrap34/democleanup.htm
Puis remet un Hijackthis
a+
execute ceci
Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
-aide en image:(merci à Balltrap34).
http://pageperso.aol.fr/balltrap34/democleanup.htm
Puis remet un Hijackthis
a+
Salut, en suivant tes instructions, voilà le résultat
Logfile of HijackThis v1.99.1
Scan saved at 11:58:54, on 05/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\SuperCopier\SuperCopier.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natspeak.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.ircfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.exe" -r "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.ini"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natspeak.exe
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Mémento.lnk = C:\QUICKENW\billmind.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Logfile of HijackThis v1.99.1
Scan saved at 11:58:54, on 05/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\SuperCopier\SuperCopier.exe
C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natspeak.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.ircfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMult.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.exe" -r "C:\Program Files\ScanSoft\NaturallySpeaking8\Program\ereg.ini"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier.exe] C:\Program Files\SuperCopier\SuperCopier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking8\Program\natspeak.exe
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Mémento.lnk = C:\QUICKENW\billmind.exe
O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour,
Installe AVG Anti-Spyware :
https://www.malekal.com/avg-antivirus-free-antivirus-gratuit-pour-proteger-son-pc-des-virus/
¤ Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option 3
"Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport".
Copie/colle le rapport sur le forum.
A+
Installe AVG Anti-Spyware :
https://www.malekal.com/avg-antivirus-free-antivirus-gratuit-pour-proteger-son-pc-des-virus/
¤ Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option 3
"Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport".
Copie/colle le rapport sur le forum.
A+