Plusieur cheval de troie(3-4)[24 mars 2007]

Plusieur cheval de troie(3-4)[24 mars 2007] - Sécurité - Virus

Recherche Recherche
Règles Règles
Aide Aide

Dans la même thématique :

Ceci répond-il à votre question ? Oui | Non

Voir les posts : Par défaut Tous Les bonnes notes Les notes insuffisantes

Mot : Pseudo : Filtrer
Bas de page
Auteur	Sujet : Plusieur cheval de troie(3-4)[24 mars 2007]

a75b015

Mince! Je perd mais boyaux.....!!!
Profil : IDNaute

Plus d'informations

24-03-2007 à 09:46:18

bonjour

je sais pas comment c'est arrivé, mais il s'amuse sur mon pc sa me gache mon existence!!! j'ai essayer de les deletes mais les trojans c'est pas mon truc....

voila le rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 09:44:09, on 24/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\WINDOWS\services.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\services.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Documents and Settings\courteoux\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\fservice.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL (file missing)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb103\Dealio.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL (file missing)
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb103\Dealio.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [Loud Date 16 Soap] C:\Documents and Settings\All Users\Application Data\Dumbbaselouddate\Thunkdash.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Gpl roam] C:\DOCUME~1\COURTE~1\APPLIC~1\32DALE~1\PART WINDOW CLOCK.exe
O4 - HKLM\..\Policies\Explorer\Run: [DirectX For Microsoft® Windows] C:\WINDOWS\system32\fservice.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\kb103\res\DealioSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb103\Dealio.dll (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 7427 bytes

Merci d'avance, je pense qu'il sont mi un keylogger avec donc il save surement que je poste ici, merci de faire au plus vite il vont finir par me pété mon pC

Liens

chercheur_

Profil : Helper

Plus d'informations

24-03-2007 à 09:50:35

Masquer

Bonjour

$$ Télécharge SDFix sur ton bureau
http://downloads.andymanchesta.com [...] /SDFix.zip

$$ Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.

$$ Fais un clic droit sur SDFix.zip et choisis "Extraire tout"
Double-clique sur RunThis.bat
Tape Y pour lancer le script.
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire
Presse une touche pour redémarrer

Le PC va mettre du temps avant de démarrer, presse une touche lorsque "Finished" s'affiche

Ouvre le dossier SDFix et copie/colle ici le contenu du fichier "Report.txt" avec un nouveau HijackThis.

Poste aussi ce rapport. Télécharge LopxpMH sur ton Bureau.

http://perso.numericable.fr/~altsh [...] pxpMH2.zip

Dézippe-le (clic droit >> Extraire ici) et double clique sur le fichier lopxpMH.bat.

Poste le contenu du rapport qui va s'ouvrir.

a75b015

Mince! Je perd mais boyaux.....!!!
Profil : IDNaute

Plus d'informations

24-03-2007 à 09:54:16

Masquer

Ok, j'enrengistre la page et je suis les insctruction, je post le rapport après

a75b015

Mince! Je perd mais boyaux.....!!!
Profil : IDNaute

Plus d'informations

24-03-2007 à 10:09:44

Masquer

Heu..Y a pas SDFix dans le mode sans échec, j'ia bien était en mode sans échec mais y avait pas le racourci; il en manquait plein d'autre aussi :s

a75b015

Mince! Je perd mais boyaux.....!!!
Profil : IDNaute

Plus d'informations

24-03-2007 à 10:33:51

Masquer

To run the SDFix tool please reboot to Safe Mode
(Reboot, tap the F8 Key and choose Safe Mode from the Advanced M

1. Download/Run a-squared (EMSI Software - 10.5 MB
2. Download/Run NGenFix (Norman - 2.3 MB)
3. Download/Run SAV32CLI (Sophos - 10.1 MB)

S. Save Add/Remove programs List
U. Download latest version of SDFix

E. EXIT

(Active Internet Connection Required To Download Files)

Type S,U,1,2,3 or E to Exit.... sa mais sa quand j'ouvre Runthis

a75b015

Mince! Je perd mais boyaux.....!!!
Profil : IDNaute

Plus d'informations

24-03-2007 à 10:37:38

Masquer

er quand je tape Y sa se ferme

a75b015

Mince! Je perd mais boyaux.....!!!
Profil : IDNaute

Plus d'informations

24-03-2007 à 10:45:52

Masquer

SDFix v1.74

Updated 22nd March 9pm SDFix will only run on Windows 2000 and Windows XP in Safe Mode !
Search Page (Online) View Changelog (Online)

Catchme W2K/XP/Vista - Userland Rootkit Detector By Gmer - www.gmer.net/catchme

SDFix uses files by the following developers:
Alexander Frink Charles Dye Craig Peacock Flexhex Gmer
Frank Heyne Software Noël Danjou Robin Keir SteelWerX

Thankyou to them. everyone at SpywareInfo and the MR team

The fixtool removes these Trojan Variants (Listed using Trend Micro's - HijackThis)

Backdoor (IRCBot) Trojans:

O4 - Startup: MY_C4D.jpg
O4 - Startup: rBot.exe
O4 - Startup: svchost.exe
O4 - Startup: winlogon.lnk = ?
O4 - Global Startup: msconfig.exe
O4 - Global Startup: svchost.exe
O4 - Global Startup: taskmgr.exe
O4 - Global Startup: Wincbr.exe
O4 - Global Startup: winlogin.exe
O4 - Global Startup: wupdmgr.exe

O4 - HKLM\..\Run: [] ifconfig.exe
O4 - HKLM\..\RunServices: [] ifconfig.exe
O4 - HKCU\..\Run: [] ifconfig.exe

O4 - HKLM\..\Run: [] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [] C:\WINDOWS\scvhost.exe

O4 - HKLM\..\Run: [] winxp.exe
O4 - HKLM\..\RunServices: [] winxp.exe
O4 - HKCU\..\Run: [] winxp.exe

O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [.nvsvcb] C:\WINDOWS\System32\smssb.exe

F2 - REG:system.ini: Shell=Explorer.exe update.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,update.exe
O4 - HKLM\..\Run: [aa bbcc dde effgghh jj] update.exe
O4 - HKCU\..\Run: [aa bbcc dde effgghh jj] update.exe

O4 - HKLM\..\Run: [Acrobat Read] C:\WINDOWS\System32\acroup32.exe
O4 - HKCU\..\Run: [Acrobat Read] C:\WINDOWS\System32\acroup32.exe

O4 - HKLM\..\Run: [ActiveScan Antivirus] ActiveScan.exe
O4 - HKLM\..\RunServices: [ActiveScan Antivirus] ActiveScan.exe
O4 - HKCU\..\Run: [ActiveScan Antivirus] ActiveScan.exe
O4 - HKCU\..\RunServices: [ActiveScan Antivirus] ActiveScan.exe

O4 - HKLM\..\Run: [AdobeReader] msni.exe
O4 - HKLM\..\RunServices: [AdobeReader] msni.exe

O4 - HKLM\..\Run: [AdobeReaderPro] msnserve.exe
O4 - HKLM\..\RunServices: [AdobeReaderPro] msnserve.exe

O4 - HKLM\..\Run: [AdobeReaderPro] winslog.exe
O4 - HKLM\..\RunServices: [AdobeReaderPro] winslog.exe
O4 - HKCU\..\Run: [AdobeReaderPro] winslog.exe

O4 - HKLM\..\Run: [AdobeReaderProfessional] msx64.exe
O4 - HKLM\..\RunServices: [AdobeReaderProfessional] msx64.exe

O4 - HKLM\..\Run: [AdobeReaderPros] sysmsn.exe
O4 - HKLM\..\RunServices: [AdobeReaderPros] sysmsn.exe

O4 - HKLM\..\Run: [Application Layer Gateway Service] C:\WINDOWS\system32\algs.exe

O4 - HKLM\..\Run: [ApplicationProtocolRun] smsbvl32.exe
O4 - HKCU\..\Run: [ApplicationProtocolRun] smsbvl32.exe

O4 - HKLM\..\Run: [asnconsole] msasn.exe
O4 - HKLM\..\RunServices: [asnconsole] msasn.exe

F2 - REG:system.ini: Shell=Explorer.exe asus.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,asus.exe
O4 - HKLM\..\Run: [Asus MotherBoard Utility] asus.exe
O4 - HKLM\..\RunServices: [Asus MotherBoard Utility] asus.exe
O4 - HKCU\..\Run: [Asus MotherBoard Utility] asus.exe
O4 - HKCU\..\RunServices: [Asus MotherBoard Utility] asus.exe

O4 - HKLM\..\Run: [ATI Active Graphics Card Monitor] C:\WINDOWS\System32\atievx.exe

O4 - HKLM\..\Run: [ATI AS Filter] msnse.exe
O4 - HKLM\..\RunServices: [ATI AS Filter] msnse.exe
O4 - HKCU\..\Run: [ATI AS Filter] msnse.exe
O4 - HKCU\..\RunServices: [ATI AS Filter] msnse.exe

O4 - HKLM\..\Run: [ATI Display Driver] C:\WINDOWS\system32\drivers\atixd.exe
O4 - HKLM\..\RunServices: [ATI Display Driver] C:\WINDOWS\system32\drivers\atixd.exe

O4 - HKLM\..\Run: [Ati Display Settings] C:\WINDOWS\System32\atividx.exe
O4 - HKLM\..\RunServices: [Ati Display Settings] C:\WINDOWS\System32\atividx.exe

O4 - HKLM\..\Run: [ATI Video Driver Control] atigfx.exe
O4 - HKLM\..\RunServices: [ATI Video Driver Control] atigfx.exe
O4 - HKCU\..\Run: [ATI Video Driver Control] atigfx.exe
O4 - HKCU\..\RunServices: [ATI Video Driver Control] atigfx.exe

O4 - HKLM\..\Run: [ATI Video Driver Control] pixman.exe
O4 - HKLM\..\RunServices: [ATI Video Driver Control] pixman.exe
O4 - HKCU\..\Run: [ATI Video Driver Control] pixman.exe
O4 - HKCU\..\RunServices: [ATI Video Driver Control] pixman.exe

O4 - HKLM\..\Run: [Automatic Updates] wupdmgr32x.exe
O4 - HKLM\..\RunServices: [Automatic Updates] wupdmgr32x.exe
O4 - HKCU\..\Run: [Automatic Updates] wupdmgr32x.exe
O4 - HKCU\..\RunServices: [Automatic Updates] wupdmgr32x.exe

O4 - HKLM\..\Run: [Auto updat] crsrs.exe
O4 - HKLM\..\RunOnce: [Auto updat] crsrs.exe
O4 - HKLM\..\RunServices: [Auto updat] crsrs.exe
O4 - HKCU\..\Run: [Auto updat] crsrs.exe
O4 - HKCU\..\RunOnce: [Auto updat] crsrs.exe

O4 - HKLM\..\Run: [blah services] xagwxzy.exe
O4 - HKLM\..\RunServices: [blah services] xagwxzy.exe

O4 - HKLM\..\Run: [BLF] C:\WINDOWS\system32\blf.exe

O4 - HKLM\..\Run: [Casino Royale] jamesbond.exe
O4 - HKLM\..\RunServices: [Casino Royale] jamesbond.exe

O4 - HKLM\..\Run: [Catalyst Control Centre] atixvdm.exe
O4 - HKLM\..\RunServices: [Catalyst Control Centre] atixvdm.exe

O4 - HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS\system32\csrs.exe

O4 - HKLM\..\Run: [Client Server Run Time Proccess] csrsrv.exe
O4 - HKLM\..\RunServices: [Client Server Run Time Proccess] csrsrv.exe

O4 - HKLM\..\Run: [Command Interpreter] ucmd.exe
O4 - HKLM\..\RunServices: [Command Interpreter] ucmd.exe

O4 - HKLM\..\Run: [Compaq32 Service Drivers] ms32.exe
O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] ms32.exe
O4 - HKCU\..\Run: [Compaq32 Service Drivers] ms32.exe
O4 - HKCU\..\RunServices: [Compaq32 Service Drivers] ms32.exe

O4 - HKLM\..\Run: [Compaq32 Service Drivers] msconfig32.exe
O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe
O4 - HKCU\..\Run: [Compaq32 Service Drivers] msconfig32.exe
O4 - HKCU\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe

O4 - HKLM\..\Run: [Compaq Service Drivrs] copq.exe
O4 - HKLM\..\RunServices: [Compaq Service Drivrs] copq.exe
O4 - HKCU\..\Run: [Compaq Service Drivrs] copq.exe

O4 - HKLM\..\Run: [Compaq Service Drivers] msnsvc.exe
O4 - HKLM\..\RunServices: [Compaq Service Drivers] msnsvc.exe
O4 - HKCU\..\Run: [Compaq Service Drivers] msnsvc.exe

O4 - HKLM\..\Run: [Compaq Service Drivers] winsvc.exe
O4 - HKLM\..\RunServices: [Compaq Service Drivers] winsvc.exe

O4 - HKLM\..\Run: [Compaq Service Drivers 32] compq32.exe
O4 - HKLM\..\RunServices: [Compaq Service Drivers 32] compq32.exe
O4 - HKCU\..\Run: [Compaq Service Drivers 32] compq32.exe
O4 - HKCU\..\RunServices: [Compaq Service Drivers 32] compq32.exe

O4 - HKLM\..\Run: [Configuration Loader] configldr.exe
O4 - HKLM\..\RunServices: [Configuration Loader] configldr.exe

O4 - HKLM\..\Run: [Configuration Loader] iexplore.exe
O4 - HKLM\..\RunServices: [Configuration Loader] iexplore.exe

O4 - HKLM\..\Run: [Configuration Loader] scvhost.exe
O4 - HKLM\..\RunServices: [Configuration Loader] scvhost.exe

O4 - HKLM\..\Run: [Configuration Loader] svchost2.exe
O4 - HKLM\..\RunServices: [Configuration Loader] svchost2.exe

O4 - HKLM\..\Run: [Configuration Loader] syscfg32.exe
O4 - HKLM\..\RunServices: [Configuration Loader] syscfg32.exe

O4 - HKLM\..\RunServices: [Configuration Loader] loadcfg32.exe

O4 - HKLM\..\Run: [Configuration Servecie] sewins.exe
O4 - HKLM\..\RunServices: [Configuration Servecie] sewins.exe
O4 - HKCU\..\Run: [Configuration Servecie] sewins.exe

O4 - HKLM\..\Run: [control panel software service] cprs.exe
O4 - HKLM\..\RunServices: [control panel software service] cprs.exe
O4 - HKCU\..\Run: [control panel software service] cprs.exe

O4 - HKLM\..\Run: [cpanel] C:\WINDOWS\system32\winlogin32.exe
O4 - HKCU\..\Run: [cpanel] C:\WINDOWS\system32\winlogin32.exe

O4 - HKLM\..\Run: [CPMP32 Settings] cpmp32.exe
O4 - HKLM\..\RunServices: [CPMP32 Settings] cpmp32.exe
O4 - HKCU\..\Run: [CPMP32 Settings] cpmp32.exe

O4 - HKLM\..\Run: [CPVHOST Settings] cpvhost.exe
O4 - HKLM\..\RunServices: [CPVHOST Settings] cpvhost.exe
O4 - HKCU\..\Run: [CPVHOST Settings] cpvhost.exe

O4 - HKLM\..\Run: [CRCSS] crcss.exe

F2 - REG:system.ini: Shell=Explorer.exe creative.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,creative.exe
O4 - HKLM\..\Run: [Creative Audio Drivers] creative.exe
O4 - HKLM\..\RunServices: [Creative Audio Drivers] creative.exe
O4 - HKCU\..\Run: [Creative Audio Drivers] creative.exe
O4 - HKCU\..\RunServices: [Creative Audio Drivers] creative.exe

O4 - HKLM\..\Run: [Creative Devldr32] devldr32exe
O4 - HKLM\..\RunServices: [Creative Devldr32] devldr32exe
O4 - HKLM\..\RunOnce: [Creative Devldr32] devldr32exe
O4 - HKCU\..\Run: [Creative Devldr32] devldr32exe
O4 - HKCU\..\RunServices: [Creative Devldr32] devldr32exe
O4 - HKCU\..\RunOnce: [Creative Devldr32] devldr32exe

O4 - HKLM\..\Run: [CRP386 Networking] crp386.exe
O4 - HKLM\..\RunServices: [CRP386 Networking] crp386.exe
O4 - HKCU\..\Run: [CRP386 Networking] crp386.exe

O4 - HKLM\..\Run: [CRSSXP SysInfo] crssxp.exe
O4 - HKLM\..\RunServices: [CRSSXP SysInfo] crssxp.exe
O4 - HKCU\..\Run: [CRSSXP SysInfo] crssxp.exe

O4 - HKLM\..\Run: [DELXP Protocol] delxp.exe
O4 - HKLM\..\RunServices: [DELXP Protocol] delxp.exe
O4 - HKCU\..\Run: [DELXP Protocol] delxp.exe

O4 - HKLM\..\Run: [Device Manager] wfxmgr.exe
O4 - HKLM\..\RunServices: [Device Manager] wfxmgr.exe

O4 - HKLM\..\Run: [DIVX Video Player] DIVXPloyer.exe
O4 - HKLM\..\RunServices: [DIVX Video Player] DIVXPloyer.exe

F2 - REG:system.ini: Shell=Explorer.exe windfe.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,windfe.exe
O4 - HKLM\..\Run: [DLINK dfe drivers for Windows NT] windfe.exe
O4 - HKLM\..\RunServices: [DLINK dfe drivers for Windows NT] windfe.exe
O4 - HKCU\..\Run: [DLINK dfe drivers for Windows NT] windfe.exe
O4 - HKCU\..\RunServices: [DLINK dfe drivers for Windows NT] windfe.exe

O4 - HKLM\..\Run: [DRam prmaessor] mp2Ld.exe
O4 - HKLM\..\RunServices: [DRam prmaessor] mp2Ld.exe

O4 - HKLM\..\Run: [DRam prosessor] dll.exe
O4 - HKLM\..\RunServices: [DRam prosessor] dll.exe

O4 - HKLM\..\Run: [DRam prosessor] HWAPI.exe
O4 - HKLM\..\RunServices: [DRam prosessor] HWAPI.exe

O4 - HKLM\..\Run: [DRam prosessor] plscd.exe
O4 - HKLM\..\RunServices: [DRam prosessor] plscd.exe

O4 - HKLM\..\Run: [DRam prosessor] winsys.exe
O4 - HKLM\..\RunServices: [DRam prosessor] winsys.exe

O4 - HKLM\..\Run: [Drammm] lolla.exe
O4 - HKLM\..\RunServices: [Drammm] lolla.exe

O4 - HKLM\..\Run: [DRan posessor] DAP.exe
O4 - HKLM\..\RunServices: [DRan posessor] DAP.exe

O4 - HKLM\..\Run: [dsd] zz.exe
O4 - HKLM\..\RunServices: [dsd] zz.exe
O4 - HKCU\..\Run: [dsd] zz.exe
O4 - HKCU\..\RunServices: [dsd] zz.exe

O4 - HKLM\..\Run: [Dynamic Dns Binary] cmd16.exe
O4 - HKLM\..\RunServices: [Dynamic Dns Binary] cmd16.exe
O4 - HKCU\..\Run: [Dynamic Dns Binary] cmd16.exe

O4 - HKLM\..\Run: [Eclipse Environment] C:\WINDOWS\system32\eclipse.exe

F2 - REG:system.ini: Shell=Explorer.exe esijavaupdt32.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,esijavaupdt32.exe
O4 - HKLM\..\Run: [es Java Update For Windows NT/XP] esijavaupdt32.exe
O4 - HKCU\..\Run: [es Java Update For Windows NT/XP] esijavaupdt32.exe

O4 - HKLM\..\Run: [EUP Service] C:\WINDOWS\system32\eupsvc.exe

O4 - HKLM\..\Run: [explorer] C:\WINDOWS\system32\scif\explorer.exe

O4 - HKLM\..\Run: [Expl0rer soft] expl0rer.pif
O4 - HKLM\..\RunServices: [Expl0rer soft] expl0rer.pif

O4 - HKLM\..\Run: [File System] taskmqr.exe
O4 - HKLM\..\RunServices: [File System] taskmqr.exe
O4 - HKCU\..\Run: [File System] taskmqr.exe

O4 - HKLM\..\Run: [File System] taskmqrs.exe
O4 - HKLM\..\RunServices: [File System] taskmqrs.exe
O4 - HKCU\..\Run: [File System] taskmqrs.exe

O4 - HKLM\..\Run: [FrameWork 2.5] FrameWork.exe
O4 - HKLM\..\RunServices: [FrameWork 2.5] FrameWork.exe

O4 - HKLM\..\Run: [FW Manager] C:\WINDOWS\system32\fwcheck.exe

O4 - HKLM\..\Run: [gcasServ32] gcasServ32.exe
O4 - HKCU\..\RunOnce: [gcasServ32] gcasServ32.exe

O4 - HKLM\..\Run: [Generic Host Process for Win32 Services] C:\WINDOWS\svchost.exe

O4 - HKLM\..\Run: [google] google.exe
O4 - HKLM\..\RunServices: [google] google.exe

O4 - HKLM\..\Run: [Google service] Googlesetup.exe
O4 - HKLM\..\RunServices: [Google service] Googlesetup.exe

O4 - HKLM\..\Run: [Hardware Shell Detection] WinHSD.exe
O4 - HKLM\..\RunServices: [Hardware Shell Detection] WinHSD.exe
O4 - HKCU\..\Run: [Hardware Shell Detection] WinHSD.exe

O4 - HKLM\..\Run: [HTTP Tunneling Server] mstunnel.exe
O4 - HKLM\..\RunServices: [HTTP Tunneling Server] mstunnel.exe
O4 - HKCU\..\Run: [HTTP Tunneling Server] mstunnel.exe
O4 - HKCU\..\RunServices: [HTTP Tunneling Server] mstunnel.exe

O4 - HKLM\..\Run: [IEUpdate] ieupdate.exe
O4 - HKLM\..\RunServices: [IEUpdate] ieupdate.exe
O4 - HKCU\..\Run: [IEUpdate] ieupdate.exe

O4 - HKLM\..\Run: [IExplorer6 Java Scripting] IExplore326.exe
O4 - HKLM\..\RunServices: [IExplorer6 Java Scripting] IExplore326.exe
O4 - HKCU\..\Run: [IExplorer6 Java Scripting] IExplore326.exe

O4 - HKLM\..\Run: [InternetExplorer2] C:\WINDOWS\System32\windows.exe
O4 - HKLM\..\RunServices: [InternetExplorer2] C:\WINDOWS\System32\windows.exe

O4 - HKLM\..\Run: [Internet Explorer Security] iexplore.pif
O4 - HKLM\..\RunServices: [Internet Explorer Security] iexplore.pif
O4 - HKCU\..\Run: [Internet Explorer Security] iexplore.pif
O4 - HKCU\..\RunServices: [Internet Explorer Security] iexplore.pif

O4 - HKLM\..\Run: [Index Service] dllhost32.exe
O4 - HKLM\..\RunServices: [Index Service] dllhost32.exe

O4 - HKLM\..\Run: [Intec Services Driverrs] winrvc.exe
O4 - HKLM\..\RunServices: [Intec Services Driverrs] winrvc.exe

O4 - HKLM\..\Run: [Intel Driver] csrs.exe
O4 - HKLM\..\RunServices: [Intel Driver] csrs.exe

O4 - HKLM\..\Run: [Internet] C:\WINDOWS\SYSTEM32\alota.exe
O4 - HKLM\..\RunServices: [Internet] C:\WINDOWS\SYSTEM32\alota.exe

O4 - HKLM\..\Run: [Internet] C:\WINDOWS\System32\nteusodp.exe
O4 - HKLM\..\RunServices: [Internet] C:\WINDOWS\System32\nteusodp.exe

O4 - HKLM\..\Run: [Internet] C:\WINDOWS\SYSTEM32\winlogom.exe
O4 - HKLM\..\RunServices: [Internet] C:\WINDOWS\SYSTEM32\winlogom.exe

O4 - HKLM\..\Run: [internet] winsas32.exe
O4 - HKLM\..\RunServices: [internet] winsas32.exe
O4 - HKCU\..\Run: [internet] winsas32.exe

O4 - HKLM\..\Run: [INTERNET EXPLORER] iexplor.exe
O4 - HKLM\..\RunServices: [INTERNET EXPLORER] iexplor.exe
O4 - HKCU\..\Run: [INTERNET EXPLORER] iexplor.exe

O4 - HKLM\..\Run: [Internet Security Service] msq32.exe
O4 - HKLM\..\RunServices: [Internet Security Service] msq32.exe
O4 - HKCU\..\Run: [Internet Security Service] msq32.exe

O4 - HKLM\..\Run: [internet service] svho0st98.exe
O4 - HKLM\..\RunServices: [internet service] svho0st98.exe

O4 - HKLM\..\Run: [IRQ Assigning Agent] IRQconf.exe
O4 - HKLM\..\RunServices: [IRQ Assigning Agent] IRQconf.exe

O4 - HKLM\..\Run: [iTunes Music] iTunesHelper32.exe
O4 - HKLM\..\RunServices: [iTunes Music] iTunesHelper32.exe

O4 - HKLM\..\Run: [JA Config 32] Awesome32.exe
O4 - HKLM\..\RunServices: [JA Config 32] Awesome32.exe
O4 - HKCU\..\Run: [JA Config 32] Awesome32.exe

O4 - HKLM\..\Run: [Java Runtime Environment] C:\WINDOWS\system32\jbuild.exe

O4 - HKLM\..\Run: [Java Runtime Value] runjava.exe
O4 - HKLM\..\RunServices: [Java Runtime Value] runjava.exe
O4 - HKCU\..\Run: [Java Runtime Value] runjava.exe
O4 - HKCU\..\RunServices: [Java Runtime Value] runjava.exe

O4 - HKLM\..\Run: [Java Update] nod.exe
O4 - HKLM\..\RunServices: [Java Update] nod.exe
O4 - HKCU\..\Run: [Java Update] nod.exe

O4 - HKLM\..\Run: [JW Manager] jwmngr.exe

O4 - HKLM\..\Run: [JXL Radio] jxl.exe
O4 - HKLM\..\RunServices: [JXL Radio] jxl.exe
O4 - HKCU\..\Run: [JXL Radio] jxl.exe
O4 - HKCU\..\RunServices: [JXL Radio] jxl.exe

O4 - HKLM\..\Run: [LEMSRV] C:\WINDOWS\system32\lemsrv.exe

O4 - HKLM\..\Run: [Linksys Modem Drivers] linksys.exe
O4 - HKLM\..\RunServices: [Linksys Modem Drivers] linksys.exe
O4 - HKCU\..\Run: [Linksys Modem Drivers] linksys.exe

O4 - HKLM\..\Run: [Limewire] LimeWire.exe
O4 - HKLM\..\RunServices: [Limewire] LimeWire.exe

O4 - HKLM\..\Run: [Live-Help] lmns.exe
O4 - HKLM\..\RunServices: [Live-Help] lmns.exe
O4 - HKCU\..\Run: [Live-Help] lmns.exe

O4 - HKLM\..\Run: [Loader msgzl] msgzl.exe
O4 - HKLM\..\RunServices: [Loader msgzl] msgzl.exe
O4 - HKLM\..\Run: [Loader msgzl] msgzl.exe

O4 - HKLM\..\Run: [Local area connection] winlive.exe
O4 - HKLM\..\RunServices: [Local area connection] winlive.exe

O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\system32\lssas.exe

O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\system32\Isass.exe

O4 - HKLM\..\Run: [Lsass16] C:\WINDOWS\lsass16.exe

O4 - HKLM\..\Run: [lsass2k Update] lsass2k.exe
O4 - HKLM\..\RunServices: [lsass2k Update] lsass2k.exe
O4 - HKCU\..\Run: [lsass2k Update] lsass2k.exe

O4 - HKLM\..\Run: [lsass32] lsass32.exe
O4 - HKLM\..\RunServices: [lsass32] lsass32.exe

O4 - HKLM\..\Run: [Master Card Updaate 32] Mastercard32.exe
O4 - HKLM\..\RunServices: [Master Card Updaate 32] Mastercard32.exe

O4 - HKLM\..\Run: [McAfee Online virus Scanner] avp.exe
O4 - HKLM\..\RunServices: [McAfee Online virus Scanner] avp.exe

O4 - HKLM\..\Run: [Media Software UPdater] sscs.exe
O4 - HKLM\..\RunServices: [Media Software UPdater] sscs.exe
O4 - HKCU\..\Run: [Media Software UPdater] sscs.exe

O4 - HKLM\..\Run: [MediaXPServicePack] mxpsp.exe
O4 - HKLM\..\RunServices: [MediaXPServicePack] mxpsp.exe
O4 - HKCU\..\Run: [MediaXPServicePack] mxpsp.exe
O4 - HKCU\..\RunServices: [MediaXPServicePack] mxpsp.exe

O4 - HKLM\..\Run: [Messenger91] messengersystem.exe
O4 - HKLM\..\RunServices: [Messenger91] messengersystem.exe

O4 - HKLM\..\Run: [Mi7sft sdce] scorti.exe
O4 - HKLM\..\RunServices: [Mi7sft sdce] scorti.exe

O4 - HKLM\..\Run: [Micosoft Data Core] antivir32.exe
O4 - HKLM\..\RunServices: [Micosoft Data Core] antivir32.exe

O4 - HKLM\..\Run: [Micosoft Data Core] iexplore.exe
O4 - HKLM\..\RunServices: [Micosoft Data Core] iexplore.exe

O4 - HKLM\..\Run: [Micosoft Data Core] shell32.exe
O4 - HKLM\..\RunServices: [Micosoft Data Core] shell32.exe

O4 - HKLM\..\Run: [Micromedia Flash Update] xptxt.exe
O4 - HKLM\..\RunServices: [Micromedia Flash Update] xptxt.exe

O4 - HKLM\..\Run: [Microsft Security Monitor Process] cmh.exe
O4 - HKLM\..\RunServices: [Microsft Security Monitor Process] cmh.exe

O4 - HKLM\..\Run: [Microsft Security Monitor Process] mssmppp.exe
O4 - HKLM\..\RunServices: [Microsft Security Monitor Process] mssmppp.exe

O4 - HKLM\..\Run: [Microsoft] .exe
O4 - HKLM\..\RunServices: [Microsoft] .exe

O4 - HKLM\..\Run: [Microsoft] guard.exe
O4 - HKLM\..\RunServices: [Microsoft] guard.exe
O4 - HKCU\..\Run: [Microsoft] guard.exe

O4 - HKLM\..\Run: [Microsoft] iexplorer.exe
O4 - HKLM\..\RunServices: [Microsoft] iexplorer.exe

O4 - HKLM\..\Run: [Microsoft] C:\WINDOWS\System32\Isass.exe
O4 - HKLM\..\RunServices: [Microsoft] C:\WINDOWS\System32\Isass.exe

O4 - HKLM\..\Run: [Microsoft] iusr.exe
O4 - HKLM\..\RunServices: [Microsoft] iusr.exe
O4 - HKCU\..\Run: [Microsoft] iusr.exe

O4 - HKLM\..\Run: [Microsoft] lsass.ppf
O4 - HKLM\..\RunServices: [Microsoft] lsass.ppf
O4 - HKCU\..\Run: [Microsoft] lsass.ppf

O4 - HKLM\..\Run: [Microsoft] mixers.exe
O4 - HKLM\..\RunServices: [Microsoft] mixers.exe
O4 - HKCU\..\Run: [Microsoft] mixers.exe

O4 - HKLM\..\Run: [Microsoft] msmsger.exe
O4 - HKLM\..\RunServices: [Microsoft] msmsger.exe
O4 - HKCU\..\Run: [Microsoft] msmsger.exe

O4 - HKLM\..\Run: [Microsoft] msns.exe
O4 - HKLM\..\RunServices: [Microsoft] msns.exe

O4 - HKLM\..\Run: [Microsoft] MSUPDATE.exe
O4 - HKCU\..\Run: [Microsoft] MSUPDATE.exe

O4 - HKLM\..\Run: [Microsoft] msvchost.exe
O4 - HKLM\..\RunServices: [Microsoft] msvchost.exe

O4 - HKLM\..\Run: [Microsoft] msvcs.exe
O4 - HKLM\..\RunServices: [Microsoft] msvcs.exe

O4 - HKLM\..\Run: [Microsoft] Nvpss.exe
O4 - HKLM\..\RunServices: [Microsoft] Nvpss.exe

O4 - HKLM\..\Run: [Microsoft] qtask.exe
O4 - HKLM\..\RunServices: [Microsoft] qtask.exe
O4 - HKCU\..\Run: [Microsoft] qtask.exe

O4 - HKLM\..\Run: [Microsoft] radnom.exe
O4 - HKLM\..\RunServices: [Microsoft] radnom.exe
O4 - HKCU\..\Run: [Microsoft] radnom.exe

O4 - HKLM\..\Run: [Microsoft] rtvcscan.exe
O4 - HKLM\..\RunServices: [Microsoft] rtvcscan.exe
O4 - HKCU\..\Run: [Microsoft] rtvcscan.exe

O4 - HKLM\..\Run: [Microsoft] rundll.exe
O4 - HKLM\..\RunServices: [Microsoft] rundll.exe
O4 - HKCU\..\Run: [Microsoft] rundll.exe

O4 - HKLM\..\Run: [Microsoft] svchost32.exe
O4 - HKLM\..\RunServices: [Microsoft] svchost32.exe

O4 - HKLM\..\Run: [Microsoft] C:\WINDOWS\System32\taskbar.exe
O4 - HKLM\..\RunServices: [Microsoft] C:\WINDOWS\System32\taskbar.exe

O4 - HKLM\..\Run: [Microsoft] wcsntfy.exe
O4 - HKLM\..\RunServices: [Microsoft] wcsntfy.exe
O4 - HKCU\..\Run: [Microsoft] wcsntfy.exe

O4 - HKLM\..\Run: [Microsoft] winlog.exe
O4 - HKLM\..\RunServices: [Microsoft] winlog.exe
O4 - HKCU\..\Run: [Microsoft] winlog.exe

O4 - HKLM\..\Run: [Microsoft] winlogom.exe
O4 - HKLM\..\RunServices: [Microsoft] winlogom.exe

O4 - HKLM\..\Run: [Microsoft] winsock.exe
O4 - HKLM\..\RunServices: [Microsoft] winsock.exe

O4 - HKLM\..\Run: [Microsoft ALG32 Protocol] alg32.exe
O4 - HKLM\..\RunServices: [Microsoft ALG32 Protocol] alg32.exe
O4 - HKCU\..\Run: [Microsoft ALG32 Protocol] alg32.exe

O4 - HKLM\..\Run: [Microsoft AntiSpyware] KT06.pif
O4 - HKLM\..\RunServices: [Microsoft AntiSpyware] KT06.pif

O4 - HKLM\..\Run: [Microsoft AntiVirus] winav32.exe
O4 - HKLM\..\RunServices: [Microsoft AntiVirus] winav32.exe

O4 - HKLM\..\Run: [Microsoft AUT Update] MSlti32.exe
O4 - HKCM\..\Run: [Microsoft AUT Update] MSlti32.exe
O4 - HKCU\..\RunServices: [Microsoft AUT Update] MSlti32.exe
O4 - HKLM\..\RunServices: [Microsoft AUT Update] MSlti32.exe

O4 - HKLM\..\Run: [Micrcsoft Certificate Services] cflmon.exe
O4 - HKLM\..\RunServices: [Micrcsoft Certificate Services] cflmon.exe
O4 - HKCU\..\Run: [Micrcsoft Certificate Services] cflmon.exe
O4 - HKCU\..\RunServices: [Micrcsoft Certificate Services] cflmon.exe

O4 - HKLM\..\Run: [Microsoft Chat] mIRC.exe
O4 - HKLM\..\RunServices: [Microsoft Chat] mIRC.exe

O4 - HKLM\..\Run: [Microsoft CONFIG] winmx.exe
O4 - HKLM\..\RunServices: [Microsoft CONFIG] winmx.exe
O4 - HKCU\..\Run: [Microsoft CONFIG] winmx.exe

O4 - HKLM\..\Run: [Microsoft Compiler Pack] DSDEV.EXE

O4 - HKLM\..\Run: [Microsoft Configoration Service] msconfigs.exe
O4 - HKLM\..\RunServices: [Microsoft Configoration Service] msconfigs.exe
O4 - HKCU\..\Run: [Microsoft Configoration Service] msconfigs.exe
O4 - HKCU\..\RunServices: [Microsoft Configoration Service] msconfigs.exe

O4 - HKLM\..\Run: [Microsoft Configs 32] msgconfigrs.exe
O4 - HKLM\..\RunServices: [Microsoft Configs 32] msgconfigrs.exe
O4 - HKCU\..\Run: [Microsoft Configs 32] msgconfigrs.exe

O4 - HKLM\..\Run: [Microsoft Core Support] MSbz32.exe
O4 - HKLM\..\RunServices: [Microsoft Core Support] MSbz32.exe

O4 - HKLM\..\Run: [Microsoft Corp. Host Services] svchosl.exe
O4 - HKLM\..\RunServices: [Microsoft Corp. Host Services] svchosl.exe
O4 - HKCU\..\Run: [Microsoft Corp. Host Services] svchosl.exe
O4 - HKCU\..\RunServices: [Microsoft Corp. Host Services] svchosl.exe

O4 - HKLM\..\Run: [Microsoft Corp SQL Certificates] sqlcer.exe
O4 - HKLM\..\RunServices: [Microsoft Corp SQL Certificates] sqlcer.exe
O4 - HKCU\..\Run: [Microsoft Corp SQL Certificates] sqlcer.exe
O4 - HKCU\..\RunServices: [Microsoft Corp SQL Certificates] sqlcer.exe

O4 - HKLM\..\Run: [Microsoft Corp SSL Certificates] windowz.exe
O4 - HKLM\..\RunServices: [Microsoft Corp SSL Certificates] windowz.exe
O4 - HKCU\..\Run: [Microsoft Corp SSL Certificates] windowz.exe
O4 - HKCU\..\RunServices: [Microsoft Corp SSL Certificates] windowz.exe

O4 - HKLM\..\Run: [Microsoft Corp TLS Certificates] msauth.exe
O4 - HKLM\..\RunServices: [Microsoft Corp TLS Certificates] msauth.exe
O4 - HKCU\..\Run: [Microsoft Corp TLS Certificates] msauth.exe
O4 - HKCU\..\RunServices: [Microsoft Corp TLS Certificates] msauth.exe

O4 - HKLM\..\Run: [Microsoft Corp Updates] synet-ud.exe
O4 - HKLM\..\RunServices: [Microsoft Corp Updates] synet-ud.exe

O4 - HKLM\..\Run: [Microsoft Corp Updates] wupdates.exe
O4 - HKLM\..\RunServices: [Microsoft Corp Updates] wupdates.exe
O4 - HKCU\..\Run: [Microsoft Corp Updates] wupdates.exe

O4 - HKLM\..\Run: [Microsoft Corporation] C:\WINDOWS\system32\lsass32.exe
O4 - HKLM\..\RunServices: [Microsoft Corporation] C:\WINDOWS\system32\lsass32.exe
O4 - HKCU\..\Run: [Microsoft Corporation] C:\WINDOWS\system32\lsass32.exe

O4 - HKLM\..\Run: [Microsoft Corporaticn SQL Handler] sqlhandler.exe
O4 - HKLM\..\RunServices: [Microsoft Corporaticn SQL Handler] sqlhandler.exe
O4 - HKCU\..\Run: [Microsoft Corporaticn SQL Handler] sqlhandler.exe
O4 - HKCU\..\RunServices: [Microsoft Corporaticn SQL Handler] sqlhandler.exe

O4 - HKLM\..\Run: [Microsoft Corporation SYM monitor] mssym.exe
O4 - HKLM\..\RunServices: [Microsoft Corporation SYM monitor] mssym.exe

O4 - HKLM\..\Run: [Microsoft CPXP Protocol] cpxp.exe
O4 - HKLM\..\RunServices: [Microsoft CPXP Protocol] cpxp.exe
O4 - HKCU\..\Run: [Microsoft CPXP Protocol] cpxp.exe

O4 - HKLM\..\Run: [Microsoft Data Machine] csdata32.exe
O4 - HKLM\..\RunServices: [Microsoft Data Machine] csdata32.exe
O4 - HKCU\..\Run: [Microsoft Data Machine] csdata32.exe

O4 - HKLM\..\Run: [Microsoft Development Services] msdevelop.exe
O4 - HKLM\..\RunServices: [Microsoft Development Services] msdevelop.exe
O4 - HKCU\..\Run: [Microsoft Development Services] msdevelop.exe
O4 - HKCU\..\RunServices: [Microsoft Development Services] msdevelop.exe

O4 - HKLM\..\Run: [Microsoft Directx] directxat.exe
O4 - HKLM\..\RunServices: [Microsoft Directx] directxat.exe
O4 - HKCU\..\Run: [Microsoft Directx] directxat.exe
O4 - HKCU\..\RunServices: [Microsoft Directx] directxat.exe

O4 - HKLM\..\Run: [Microsoft Directxsp] directxbt.exe
O4 - HKLM\..\RunServices: [Microsoft Directxsp] directxbt.exe
O4 - HKCU\..\Run: [Microsoft Directxsp] directxbt.exe
O4 - HKCU\..\RunServices: [Microsoft Directxsp] directxbt.exe

O4 - HKLM\..\Run: [Microsoft Directxspnew] directxnew.exe
O4 - HKLM\..\RunServices: [Microsoft Directxspnew] directxnew.exe
O4 - HKCU\..\Run: [Microsoft Directxspnew] directxnew.exe
O4 - HKCU\..\RunServices: [Microsoft Directxspnew] directxnew.exe

O4 - HKLM\..\Run: [Microsoft Directx click] directxclick.exe
O4 - HKLM\..\RunServices: [Microsoft Directx click] directxclick.exe
O4 - HKCU\..\Run: [Microsoft Directx click] directxclick.exe
O4 - HKCU\..\RunServices: [Microsoft Directx click] directxclick.exe

O4 - HKLM\..\Run: [Microsoft Directx clicks] directxclickers.exe
O4 - HKLM\..\RunServices: [Microsoft Directx clicks] directxclickers.exe
O4 - HKCU\..\Run: [Microsoft Directx clicks] directxclickers.exe
O4 - HKCU\..\RunServices: [Microsoft Directx clicks] directxclickers.exe

O4 - HKLM\..\Run: [Microsoft Directx push] directxpushup.exe
O4 - HKLM\..\RunServices: [Microsoft Directx push] directxpushup.exe
O4 - HKCU\..\Run: [Microsoft Directx push] directxpushup.exe
O4 - HKCU\..\RunServices: [Microsoft Directx push] directxpushup.exe

O4 - HKLM\..\Run: [Microsoft dll Host Service ] wkssr.exe
O4 - HKLM\..\RunServices: [Microsoft dll Host Service ] wkssr.exe
O4 - HKCU\..\Run: [Microsoft dll Host Service ] wkssr.exe

O4 - HKLM\..\Run: [Microsoft DLL Verifier] csrssv.exe
O4 - HKLM\..\RunServices: [Microsoft DLL Verifier] csrssv.exe

O4 - HKLM\..\Run: [Microsoft DLL Verifier] Desktop.exe
O4 - HKLM\..\RunServices: [Microsoft DLL Verifier] Desktop.exe

O4 - HKLM\..\Run: [Microsoft DLL Verifier] winavguard.exe
O4 - HKLM\..\RunServices: [Microsoft DLL Verifier] winavguard.exe

O4 - HKLM\..\Run: [Microsoft DLL Verifier] wns.exe
O4 - HKLM\..\RunServices: [Microsoft DLL Verifier] wns.exe

O4 - HKLM\..\Run: [Microsoft Domain Controller] C:\WINDOWS\system32\mstc.exe

O4 - HKLM\..\Run: [Micrsoft Driver] msdriver.exe
O4 - HKLM\..\RunServices: [Micrsoft Driver] msdriver.exe
O4 - HKCU\..\Run: [Micrsoft Driver] msdriver.exe

O4 - HKLM\..\Run: [Microsoft Event Engine] EvtEngn.exe
O4 - HKLM\..\RunServices: [Microsoft Event Engine] EvtEngn.exe

O4 - HKLM\..\Run: [Microsoft explorer Update] internal.exe
O4 - HKLM\..\RunServices: [Microsoft explorer Update] internal.exe
O4 - HKLM\..\RunOnce: [Microsoft explorer Update] internal.exe
O4 - HKCU\..\Run: [Microsoft explorer Update] internal.exe
O4 - HKCU\..\RunOnce: [Microsoft explorer Update] internal.exe

O4 - HKLM\..\Run: [Microsoft Hyptertext Helper] MSHTHA.EXE
O4 - HKCU\..\RunOnce: [Microsoft Hyptertext Helper] MSHTHA.EXE

O4 - HKLM\..\Run: [Microsoft IE] IEXPLORE.EXE
O4 - HKLM\..\RunServices: [Microsoft IE] IEXPLORE.EXE
O4 - HKLM\..\RunOnce: [Microsoft IE] IEXPLORE.EXE
O4 - HKCU\..\Run: [Microsoft IE] IEXPLORE.EXE
O4 - HKCU\..\RunOnce: [Microsoft IE] IEXPLORE.EXE

O4 - HKLM\..\Run: [Microsoft Internel Corporat ] netvhost.exe
O4 - HKLM\..\RunServices: [Microsoft Internel Corporat ] netvhost.exe

O4 - HKLM\..\Run: [Microsoft Internel Corporat ] smbvhost.exe
O4 - HKLM\..\RunServices: [Microsoft Internel Corporat ] smbvhost.exe

O4 - HKLM\..\Run: [Microsoft Internet Explorer] C:\WINDOWS\system32\iexplore.exe

O4 - HKLM\..\Run: [Microsoft Internet Explorer] lEXPLORE.EXE
O4 - HKLM\..\RunServices: [Microsoft Internet Explorer] lEXPLORE.EXE

O4 - HKLM\..\Run: [Microsoft Lsass Center] Isass.exe
O4 - HKLM\..\RunServices: [Microsoft Lsass Center] Isass.exe
O4 - HKCU\..\Run: [Microsoft Lsass Center] Isass.exe

O4 - HKLM\..\Run: [Microsoft Machine] system32.exe
O4 - HKLM\..\RunServices: [Microsoft Machine] system32.exe

O4 - HKLM\..\Run: [Microsoft Machine] temp.exe
O4 - HKLM\..\RunServices: [Microsoft Machine] temp.exe

O4 - HKLM\..\Run: [Microsoft Messenger XP] MSMSN32.exe
O4 - HKLM\..\RunServices: [Microsoft Messenger XP] MSMSN32.exe
O4 - HKCU\..\Run: [Microsoft Messenger XP] MSMSN32.exe

O4 - HKLM\..\Run: [Microsoft MediaScope] winmes.exe
O4 - HKLM\..\RunServices: [Microsoft MediaScope] winmes.exe

O4 - HKLM\..\Run: [Microsoft Monitors] explorers.exe
O4 - HKLM\..\RunServices: [Microsoft Monitors] explorers.exe

O4 - HKLM\..\Run: [Microsoft MSN 7 Services] msnmsg.exe
O4 - HKLM\..\RunServices: [Microsoft MSN 7 Services] msnmsg.exe

O4 - HKLM\..\Run: [Microsoft MSN 7 Services] msnmsger.exe
O4 - HKLM\..\RunServices: [Microsoft MSN 7 Services] msnmsger.exe

O4 - HKLM\..\Run: [MICROSFT MX UPDATE SUPPORT] winmx32.EXE
O4 - HKLM\..\RunServices: [MICROSFT MX UPDATE SUPPORT] winmx32.EXE

O4 - HKLM\..\Run: [Microsoft NT Drivers] ntdrv.exe
O4 - HKLM\..\RunServices: [Microsoft NT Drivers] ntdrv.exe
O4 - HKCU\..\Run: [Microsoft NT Drivers] ntdrv.exe
O4 - HKCU\..\RunServices: [Microsoft NT Drivers] ntdrv.exe

O4 - HKLM\..\Run: [Microsoft Nvidia Video] nvidia.exe
O4 - HKLM\..\RunServices: [Microsoft Nvidia Video] nvidia.exe
O4 - HKCU\..\Run: [Microsoft Nvidia Video] nvidia.exe
O4 - HKCU\..\RunServices: [Microsoft Nvidia Video] nvidia.exe

O4 - HKLM\..\Run: [Microsoft Office Monitor] C:\WINDOWS\System32\alg2k.exe
O4 - HKLM\..\RunServices: [Microsoft Office Monitor] C:\WINDOWS\System32\alg2k.exe

O4 - HKLM\..\Run: [Microsoft Office Monitor] C:\WINDOWS\system32\aql32.exe
O4 - HKCU\..\Run: [Microsoft Office Monitor] C:\WINDOWS\system32\aql32.exe

O4 - HKLM\..\Run: [Microsoft Patch Update] bootini.exe
O4 - HKLM\..\RunServices: [Microsoft Patch Update] bootini.exe

O4 - HKLM\..\Run: [Microsoft PSTCP32 Data] pstcp32.exe
O4 - HKLM\..\RunServices: [Microsoft PSTCP32 Data] pstcp32.exe
O4 - HKCU\..\Run: [Microsoft PSTCP32 Data] pstcp32.exe

O4 - HKLM\..\Run: [Microsoft QMGR] msnqmgr.exe
O4 - HKLM\..\RunServices: [Microsoft QMGR] msnqmgr.exe

O4 - HKLM\..\Run: [Microsoft Runtime Initialization] msvcbm.exe
O4 - HKLM\..\RunServices: [Microsoft Runtime Initialization] msvcbm.exe

O4 - HKLM\..\Run: [Microsoft sddcE Contol] taskmnegr.exe
O4 - HKLM\..\RunServices: [Microsoft sddcE Contol] taskmnegr.exe

O4 - HKLM\..\Run: [Microsoft sdk temp] sdktemp.exe
O4 - HKLM\..\RunServices: [Microsoft sdk temp] sdktemp.exe

O4 - HKLM\..\Run: [Microsoft Security Monitor Process] mmp.exe
O4 - HKLM\..\RunServices: [Microsoft Security Monitor Process] mmp.exe

O4 - HKLM\..\Run: [Microsoft Security Monitor Process] mnsmp.exe
O4 - HKLM\..\RunServices: [Microsoft Security Monitor Process] mnsmp.exe

O4 - HKLM\..\Run: [Microsoft Security Monitor Process] C:\WINDOWS\msmp.exe
O4 - HKLM\..\RunServices: [Microsoft Security Monitor Process] C:\WINDOWS\msmp.exe

O4 - HKLM\..\Run: [Microsoft Security Monitor Process] C:\WINDOWS\mssmp.exe
O4 - HKLM\..\RunServices: [Microsoft Security Monitor Process] C:\WINDOWS\mssmp.exe

O4 - HKLM\..\Run: [Microsoft Security Monitor Process] mssmp.exe
O4 - HKLM\..\RunServices: [Microsoft Security Monitor Process] mssmp.exe

O4 - HKLM\..\Run: [Microsft Security Monitor Process] mssmpp.exe
O4 - HKLM\..\RunServices: [Microsft Security Monitor Process] mssmpp.exe

O4 - HKLM\..\Run: [Microsoft Security Process] wininit.exe
O4 - HKLM\..\RunServices: [Microsoft Security Process] wininit.exe
O4 - HKCU\..\Run: [Microsoft Security Process] wininit.exe

O4 - HKLM\..\Run: [Microsoft Server] rserv.exe
O4 - HKLM\..\RunServices: [Microsoft Server] rserv.exe
O4 - HKCU\..\Run: [Microsoft Server] rserv.exe

O4 - HKLM\..\Run: [Microsoft Server Applacations] C:\WINDOWS\System32\cli.exe
O4 - HKLM\..\RunServices: [Microsoft Server Applacations] C:\WINDOWS\System32\cli.exe
O4 - HKCU\..\Run: [Microsoft Server Applacations] C:\WINDOWS\System32\cli.exe

O4 - HKLM\..\Run: [Microsoft Server Applacations] Q8See.exe
O4 - HKLM\..\RunServices: [Microsoft Server Applacations] Q8See.exe
O4 - HKCU\..\Run: [Microsoft Server Applacations] Q8See.exe

O4 - HKLM\..\Run: [Microsoft Service] sysreg11.exe
O4 - HKLM\..\RunServices: [Microsoft Service] sysreg11.exe

O4 - HKLM\..\Run: [Microsoft Service] msupdate.exe
O4 - HKLM\..\RunServices: [Microsoft Service] msupdate.exe
O4 - HKCU\..\Run: [Microsoft Service] msupdate.exe

O4 - HKLM\..\Run: [Microsoft Services] lsrv.exe
O4 - HKLM\..\RunServices: [Microsoft Services] lsrv.exe
O4 - HKCU\..\Run: [Microsoft Services] lsrv.exe

O4 - HKLM\..\Run: [Microsoft Services] srvchost.exe
O4 - HKLM\..\RunServices: [Microsoft Services] srvchost.exe
O4 - HKCU\..\Run: [Microsoft Services] srvchost.exe

O4 - HKLM\..\Run: [Microsoft Servicesv] .exe
O4 - HKLM\..\RunServices: [Microsoft Servicesv] .exe

O4 - HKLM\..\Run: [Microsoft Sounds] soundman.exe
O4 - HKLM\..\RunServices: [Microsoft Sounds] soundman.exe

O4 - HKLM\..\Run: [Microsoft SpA Service] msapps.exe
O4 - HKLM\..\RunServices: [Microsoft SpA Service] msapps.exe
O4 - HKCU\..\Run: [Microsoft SpA Service] msapps.exe

O4 - HKLM\..\Run: [Microsoft Spool Svc] spoolsvc32.exe
O4 - HKLM\..\RunServices: [Microsoft Spool Svc] spoolsvc32.exe

O4 - HKLM\..\Run: [Microsoft SSL Server Mssql] MSsslServer.exe
O4 - HKLM\..\RunServices: [Microsoft SSL Server Mssql] MSsslServer.exe
O4 - HKCU\..\Run: [Microsoft SSL Server Mssql] MSsslServer.exe
O4 - HKCU\..\RunServices: [Microsoft SSL Server Mssql] MSsslServer.exe

O4 - HKLM\..\Run: [Microsoft startup] SoftwareUpdates.exe
O4 - HKLM\..\RunServices: [Microsoft startup] SoftwareUpdates.exe

O4 - HKLM\..\Run: [Microsoft Svchost local services] botcrx.exe
O4 - HKLM\..\RunServices: [Microsoft Svchost local services] botcrx.exe

O4 - HKLM\..\Run: [Microsoft Svchost local services] msnmesseng.exe
O4 - HKLM\..\RunServices: [Microsoft Svchost local services] msnmesseng.exe

04 - HKLM\..\Run: [Microsoft Svchost local services] winoem.exe
O4 - HKLM\..\RunServices: [Microsoft Svchost local services] winoem.exe

O4 - HKLM\..\Run: [Microsoft Synchronization Manager] ___synmgr.exe
O4 - HKLM\..\RunServices: [Microsoft Synchronization Manager] ___synmgr.exe
O4 - HKCU\..\Run: [Microsoft Synchronization Manager] ___synmgr.exe

O4 - HKLM\..\Run: [Microsoft Synchronization Manager] bot.exe
O4 - HKLM\..\RunServices: [Microsoft Synchronization Manager] bot.exe
O4 - HKCU\..\Run: [Microsoft Synchronization Manager] bot.exe

O4 - HKLM\..\Run: [Microsoft System Administration] system.exe
O4 - HKLM\..\RunServices: [Microsoft System Administration] system.exe
O4 - HKCU\..\Run: [Microsoft System Administration] system.exe

O4 - HKLM\..\Run: [Microsoft System Firewall 2006.2] msmsgr.exe
O4 - HKLM\..\RunServices: [Microsoft System Firewall 2006.2] msmsgr.exe

O4 - HKLM\..\Run: [Microsoft System Firewall 2006.2] msnmsgr.exe
O4 - HKLM\..\RunServices: [Microsoft System Firewall 2006.2] msnmsgr.exe

O4 - HKLM\..\Run: [Microsoft System Firewall 2006.2] reg32.exe
O4 - HKLM\..\RunServices: [Microsoft System Firewall 2006.2] reg32.exe

O4 - HKLM\..\Run: [Microsoft System Service] dnservice.exe
O4 - HKLM\..\RunServices: [Microsoft System Service] dnservice.exe

O4 - HKLM\..\Run: [Microsoft Telecoms Center] telcoms.exe
O4 - HKLM\..\RunServices: [Microsoft Telecoms Center] telcoms.exe
O4 - HKCU\..\Run: [Microsoft Telecoms Center] telcoms.exe

O4 - HKLM\..\Run: [Microsoft Telecoms Center] winrestore.exe
O4 - HKLM\..\RunServices: [Microsoft Telecoms Center] winrestore.exe
O4 - HKCU\..\Run: [Microsoft Telecoms Center] winrestore.exe

O4 - HKLM\..\Run: [Microsoft Telecoms Center] winupcd.exe
O4 - HKLM\..\RunServices: [Microsoft Telecoms Center] winupcd.exe
O4 - HKCU\..\Run: [Microsoft Telecoms Center] winupcd.exe

O4 - HKLM\..\Run: [Microsoft Telecoms Center] xpfilesys.exe
O4 - HKLM\..\RunServices: [Microsoft Telecoms Center] xpfilesys.exe
O4 - HKCU\..\Run: [Microsoft Telecoms Center] xpfilesys.exe

O4 - HKLM\..\Run: [Microsoft TTL Verifier] C:\WINDOWS\System32\msttl.exe
O4 - HKLM\..\RunServices: [Microsoft TTL Verifier] C:\WINDOWS\System32\msttl.exe
O4 - HKCU\..\Run: [Microsoft TTL Verifier] C:\WINDOWS\System32\msttl.exe
O4 - HKCU\..\RunServices: [Microsoft TTL Verifier] C:\WINDOWS\System32\msttl.exe

O4 - HKLM\..\Run: [Micrcoft Updat] spoolsae.exe
O4 - HKLM\..\RunServices: [Micrcoft Updat] spoolsae.exe

O4 - HKLM\..\Run: [Microsft Updtes] sarvice.exe
O4 - HKLM\..\RunServices: [Microsft Updtes] sarvice.exe

O4 - HKLM\..\Run: [Microsoft Update] bling.exe
O4 - HKLM\..\RunServices: [Microsoft Update] bling.exe
O4 - HKCU\..\Run: [Microsoft Update] bling.exe

O4 - HKLM\..\Run: [Microsoft Update] drive.exe
O4 - HKLM\..\RunServices: [Microsoft Update] drive.exe
O4 - HKCU\..\Run: [Microsoft Update] drive.exe

O4 - HKLM\..\Run: [Microsoft Update] msconfg.exe
O4 - HKLM\..\RunServices: [Microsoft Update] msconfg.exe
O4 - HKCU\..\Run: [Microsoft Update] msconfg.exe

O4 - HKLM\..\Run: [Microsoft Update] msn.exe
O4 - HKCU\..\Run: [Microsoft Update] msn.exe

O4 - HKLM\..\Run: [Microsoft Update] msnmessenger.exe
O4 - HKLM\..\RunServices: [Microsoft Update] msnmessenger.exe
O4 - HKCU\..\Run: [Microsoft Update] msnmessenger.exe

O4 - HKLM\..\Run: [Microsoft Update] nbdos.exe
O4 - HKLM\..\RunServices: [Microsoft Update] nbdos.exe
O4 - HKCU\..\Run: [Microsoft Update] nbdos.exe

O4 - HKLM\..\Run: [Microsoft Update] snlogsvc.exe
O4 - HKLM\..\RunServices: [Microsoft Update] snlogsvc.exe
O4 - HKCU\..\Run: [Microsoft Update] snlogsvc.exe

O4 - HKLM\..\Run: [Microsoft Update] svschost.exe
O4 - HKLM\..\RunServices: [Microsoft Update] svschost.exe
O4 - HKCU\..\Run: [Microsoft Update] svschost.exe

O4 - HKLM\..\Run: [Microsoft Update] Sygate.exe
O4 - HKLM\..\RunServices: [Microsoft Update] Sygate.exe
O4 - HKCU\..\Run: [Microsoft Update] Sygate.exe

O4 - HKLM\..\Run: [Microsoft Update] system32.exe
O4 - HKLM\..\RunServices: [Microsoft Update] system32.exe
O4 - HKCU\..\Run: [Microsoft Update] system32.exe

O4 - HKLM\..\Run: [Microsoft Update] taskmgr32.exe
O4 - HKLM\..\RunServices: [Microsoft Update] taskmgr32.exe
O4 - HKCU\..\Run: [Microsoft Update] taskmgr32.exe

O4 - HKLM\..\Run: [Microsoft update] tskmgr.exe
O4 - HKLM\..\RunServices: [Microsoft update] tskmgr.exe

O4 - HKLM\..\Run: [Microsoft Update] update.exe
O4 - HKLM\..\RunServices: [Microsoft Update] update.exe
O4 - HKCU\..\Run: [Microsoft Update] update.exe

O4 - HKLM\..\Run: [Microsoft Update] wangard.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wangard.exe
O4 - HKCU\..\Run: [Microsoft Update] wangard.exe

O4 - HKLM\..\Run: [Microsoft Update] win32.exe
O4 - HKLM\..\RunServices: [Microsoft Update] win32.exe
O4 - HKCU\..\Run: [Microsoft Update] win32.exe

O4 - HKLM\..\Run: [Microsoft Update] WinDrv32.exe
O4 - HKLM\..\RunServices: [Microsoft Update] WinDrv32.exe
O4 - HKCU\..\Run: [Microsoft Update] WinDrv32.exe

O4 - HKLM\..\Run: [Microsoft Update] wingrd32.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wingrd32.exe
O4 - HKCU\..\Run: [Microsoft Update] wingrd32.exe

O4 - HKLM\..\Run: [Microsoft Update] winsys.exe
O4 - HKLM\..\RunServices: [Microsoft Update] winsys.exe
O4 - HKCU\..\Run: [Microsoft Update] winsys.exe
O4 - HKCU\..\RunServices: [Microsoft Update] winsys.exe

O4 - HKLM\..\Run: [Microsoft Update] wuamk032.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuamk032.exe

O4 - HKLM\..\Run: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKLM\..\RunServices: [Microsoft Update Loaders 2005] winusers.exe

O4 - HKLM\..\Run: [Microsoft-Updates] svxhost.exe
O4 - HKLM\..\RunServices: [Microsoft-Updates] svxhost.exe

O4 - HKLM\..\Run: [Microsoft Updates] winit.exe
O4 - HKLM\..\RunServices: [Microsoft Updates] winit.exe

O4 - HKLM\..\Run: [Microft Update 32] winssx.exe
O4 - HKLM\..\RunServices: [Microft Update 32] winssx.exe

O4 - HKLM\..\Run: [Microsoft Update 32] neta.exe
O4 - HKLM\..\RunServices: [Microsoft Update 32] neta.exe

O4 - HKLM\..\Run: [Microsoft Update 32] network.exe
O4 - HKLM\..\RunServices: [Microsoft Update 32] network.exe

O4 - HKLM\..\Run: [Microsoft Update 32] windowsp.exe
O4 - HKLM\..\RunServices: [Microsoft Update 32] windowsp.exe

O4 - HKLM\..\Run: [Microsoft Update 32] wininit.exe
O4 - HKLM\..\RunServices: [Microsoft Update 32] wininit.exe

O4 - HKLM\..\Run: [Microsoft Update Device] C:\WINDOWS\SYSTEM32\drivers\flolo.exe
O4 - HKLM\..\RunServices: [Microsoft Update Device] C:\WINDOWS\SYSTEM32\drivers\flolo.exe
O4 - HKCU\..\Run: [Microsoft Update Device] C:\WINDOWS\SYSTEM32\drivers\flolo.exe
O4 - HKCU\..\RunServices: [Microsoft Update Device] C:\WINDOWS\SYSTEM32\drivers\flolo.exe

O4 - HKLM\..\Run: [Microsoft Update Drivers] explorers.exe
O4 - HKLM\..\RunServices: [Microsoft Update Drivers] explorers.exe

O4 - HKLM\..\Run: [Microsoft Update Machine] bee.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] bee.exe

O4 - HKLM\..\Run: [Microsoft Update Machine] bot.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] bot.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] bot.exe

O4 - HKLM\..\Run: [Microsoft Update Machine] cssrssv.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] cssrssv.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] cssrssv.exe

O4 - HKLM\..\Run: [Microsoft Update Machine] servicz.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] servicz.exe

O4 - HKLM\..\Run: [Microsoft Update Machine] syspic9.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] syspic9.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] syspic9.exe

O4 - HKLM\..\Run: [Microsoft Update Machine] winhost.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] winhost.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] winhost.exe

O4 - HKLM\..\Run: [Microsoft Update Manager] scvideo.exe
O4 - HKLM\..\RunServices: [Microsoft Update Manager] scvideo.exe

O4 - HKLM\..\Run: [Microsoft Vista Upgrade Validation Service] cfmon.exe
O4 - HKLM\..\RunServices: [Microsoft Vista Upgrade Validation Service] cfmon.exe
O4 - HKCU\..\Run: [Microsoft Vista Upgrade Validation Service] cfmon.exe

O4 - HKLM\..\Run: [Microsoft web update] webmsn.exe
O4 - HKLM\..\RunServices: [Microsoft web update] webmsn.exe

O4 - HKLM\..\Run: [Microsoft Win Corp TLS Verification] mswintls.exe
O4 - HKLM\..\RunServices: [Microsoft Win Corp TLS Verification] mswintls.exe
O4 - HKCU\..\Run: [Microsoft Win Corp TLS Verification] mswintls.exe
O4 - HKCU\..\RunServices: [Microsoft Win Corp TLS Verification] mswintls.exe

O4 - HKLM\..\Run: [Microsoft WIN32 DOS] MSdos32.exe
O4 - HKLM\..\RunServices: [Microsoft WIN32 DOS] MSdos32.exe

O4 - HKLM\..\Run: [Microsoft WIN32 Security] MSsec32.exe
O4 - HKLM\..\RunServices: [Microsoft WIN32 Security] MSsec32.exe

F2 - REG:system.ini: Shell=Explorer.exe msclt.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,msclt.exe
O4 - HKLM\..\Run: [Microsoft Windows Client Firewall] msclt.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Client Firewall] msclt.exe
O4 - HKCU\..\Run: [Microsoft Windows Client Firewall] msclt.exe
O4 - HKCU\..\RunServices: [Microsoft Windows Client Firewall] msclt.exe

F2 - REG:system.ini: Shell=Explorer.exe bootini.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,bootini.exe
O4 - HKLM\..\Run: [Microsoft Windows] bootini.exe
O4 - HKLM\..\RunServices: [Microsoft Windows] bootini.exe
O4 - HKCU\..\Run: [Microsoft Windows] bootini.exe
O4 - HKCU\..\RunServices: [Microsoft Windows] bootini.exe

F2 - REG:system.ini: Shell=Explorer.exe wincomm.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,wincomm.exe
O4 - HKLM\..\Run: [Microsoft Windows Communicator for NT/XP] wincomm.exe
O4 - HKCU\..\Run: [Microsoft Windows Communicator for NT/XP] wincomm.exe

O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] dllmanager32.exe
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] dllmanager32.exe
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] dllmanager32.exe

O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] newdll.exe
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] newdll.exe
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] newdll.exe
O4 - HKCU\..\RunServices: [Microsoft Windows DLL Services Configuration] newdll.exe

O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] newdll2.exe
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] newdll2.exe
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] newdll2.exe

O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] proxy.exe
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] proxy.exe
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] proxy.exe

O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] windll32.exe
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] windll32.exe
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] windll32.exe

O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] windir32.exe
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] windir32.exe
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] windir32.exe

O4 - HKLM\..\Run: [Microsoft Windows Drivers] windrv.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Drivers] windrv.exe
O4 - HKCU\..\Run: [Microsoft Windows Drivers] windrv.exe
O4 - HKCU\..\RunServices: [Microsoft Windows Drivers] windrv.exe

O4 - HKLM\..\Run: [Micros

Messages similaires

Dans l'actualité

Les téléchargements

Albums

Les dernières actualités

Les derniers dossiers