exmodul32.exe - Security - Viruses

Good evening... sorry to bother you, but I think I too have been infected by this trojan named "exmodul .exe", so I wanted to get your opinion... thanks in advance... if you can help me that would be great!

Symptoms: the PC is sluggish, the CPU is maxed out, my Internet connection for games is degraded, in short it's a mess... I'm sending you my HijackThis report here, thanks for any information!

Logfile of HijackThis v1.99.1
Scan saved at 22:15:59, on 05/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
J:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jiyen\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe


Hello,

The steps below are to be done in safe mode; copy/paste what you have to do onto your desktop.

Download AVG and install it. The link: http://downloads.grisoft.cz/softw/ [...] 5.0.50.exe

Launch it and update it by clicking "Update", then close the program.

And click Update to perform the updates.

A little help with AVG, link: http://rubmic.monsite.wanadoo.fr/page6.html

Download and install CCleaner. http://www.filehippo.com/download_ccleaner.html

Restart in safe mode by pressing the F8 key on your keyboard during startup.

Launch CCleaner,
click the "Analyze" button, then the "Run the cleaning" button.
At the end of the cleaning, click the "Errors" button and repair the errors.

Then launch AVG and click "Scan", then "Complete system scan"; when the scan is finished, click "apply all actions".
Click to save the report and put it somewhere easy to find.

Restart in normal mode and post the AVG report.

Also do an online Panda scan
http://www.pandasoftware.com/produ [...] HINT=Guest
And post the report here.




Reply to Tribalman

Hello,

Do this first, please.

Download SDFix (created by AndyManchesta) and save it to your Desktop.
Double-click SDFix.exe and choose Install to extract it to the Desktop.

Restart in safe mode

  • Open the SDFix folder that has just been created on the Desktop and double-click RunThis.bat to launch the script.
  • Press Y to start the cleaning process.
  • It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to reboot.
  • Press a key to restart the PC.
  • Your system will take longer than usual to restart because the tool will keep running and deleting files.
  • After the Desktop has loaded, the tool will finish its work and display Finished.
  • Press a key to end the script and load your Desktop icons.
  • Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.
  • Finally, copy/paste the contents of the Report.txt file into your next reply on the forum, along with a new HijackThis log.

Reply to Angeldark

Thanks for giving some time to my case, that's nice of you guys... so I did the procedure Angeldark asked for first... sorry to you, Tribalman... I will probably do what you asked me afterwards... so here are the results: the report + the HijackThis scan.


SDFix: Version 1.45
****************

06/12/2006 - 20:33:34,59

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\Jiyen\Bureau\SDFix

Stage One - Safe Mode
Checking Services...

Service Name:


File Path:



Starting Registry Repairs...

Restoring Default Hosts File...

Stage One Complete

Rebooting...

Stage Two - Normal Mode

Checking For Malware:
--------------------


Backing Up and Removing any Files Found...

Final Check:

Services:
---------


Authorized Applications Key Export:


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\MSN Messenger\msnmsgr.exe REG_SZ C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5

Authorized Applications Key Not Found

Full SharedAccess Key Export:



HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess
DependOnGroup REG_MULTI_SZ \0
DependOnService REG_MULTI_SZ Netman\0WinMgmt\0\0
Description REG_SZ Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique.
DisplayName REG_SZ Pare-feu Windows / Partage de connexion Internet
ErrorControl REG_DWORD 0x1
ImagePath REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
ObjectName REG_SZ LocalSystem
Start REG_DWORD 0x2
Type REG_DWORD 0x20

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum

Files:
------

Backups Folder: - C:\DOCUME~1\Jiyen\Bureau\SDFix\backups\backups.zip

Checking for files with Hidden Attributes:

C:\Program Files\Canon\MP Navigator 2.0\uinstrsc.dll
C:\Program Files\Canon\MP Navigator 2.0\Maint.exe
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys

FINISHED!


Logfile of HijackThis v1.99.1
Scan saved at 20:43:03, on 06/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jiyen\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

Reply to furlong

Ah damn, it goes past the page ...... sorry, what should I do?

Reply to furlong

No problem ;)

Now do what TribalMan said.

Reply to Angeldark