A voir également:
- Virus Gestionnaire Taches Desactive
- Gestionnaire des taches - Guide
- Pave tactile desactive - Guide
- Compte facebook désactivé - Guide
- Gestionnaire des taches windows 11 - Guide
- Windows 11 barre des taches a gauche - Guide
2 réponses
Mon HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:31:55, on 06/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
G:\Program Files\BODET\Open\firebird\bin\fbserver.exe
G:\Program Files\zkSensor\bin\DpHost.exe
G:\WINDOWS\system32\hasplms.exe
G:\Program Files\Java\jre6\bin\jqs.exe
G:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
G:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
G:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
G:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
G:\WINDOWS\system32\SearchIndexer.exe
G:\Program Files\BODET\Open\server\bin\BodetServiceTomcat.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\rdpclip.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\stsystra.exe
G:\Program Files\Java\jre6\bin\jusched.exe
G:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\System32\bycool\winacces.exe
G:\WINDOWS\system32\ctfmon.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
G:\Program Files\SuperCopier2\SuperCopier2.exe
G:\PROGRA~1\MICROS~2\wcescomm.exe
G:\Program Files\Internet Download Manager\IDMan.exe
G:\Program Files\Cobian Backup 9\Cobian.exe
C:\Windows\System32\bycool\myapp.exe
G:\Program Files\Logitech\SetPoint\SetPoint.exe
G:\PROGRA~1\MICROS~2\rapimgr.exe
G:\Program Files\Windows Desktop Search\WindowsSearch.exe
G:\Program Files\Cobian Backup 9\cbInterface.exe
G:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
G:\Program Files\Internet Download Manager\IEMonitor.exe
G:\Program Files\vtigercrm5\apache\bin\Apache.exe
G:\Program Files\vtigercrm5\apache\bin\Apache.exe
G:\Program Files\vtigercrm5\mysql\bin\mysqld-nt.exe
G:\DOCUME~1\dndiaye.dhi\LOCALS~1\Temp\wingluq.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\WINDOWS\system32\logon.scr
G:\WINDOWS\system32\SearchProtocolHost.exe
G:\WINDOWS\system32\wuauclt.exe
G:\WINDOWS\system32\SearchFilterHost.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe
G:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - G:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - G:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - G:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - G:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - G:\PROGRA~1\TEXTAL~1\TAForIE.dll
O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)
O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [avgnt] "G:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] G:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "G:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DRIVESYS] C:\Windows\System32\bycool\winacces.exe
O4 - HKLM\..\Run: [DRIVESYS1] C:\Windows\System32\bycool1\windo.exe
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] G:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "G:\PROGRA~1\MICROS~2\wcescomm.exe"
O4 - HKCU\..\Run: [IDMan] G:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Cobian Backup 9] "G:\Program Files\Cobian Backup 9\Cobian.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: vtiger CRM.lnk = G:\Program Files\vtigercrm5\bin\startvTiger.bat
O4 - Global Startup: Windows Desktop Search.lnk = G:\Program Files\Windows Desktop Search\WindowsSearch.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://G:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - G:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - G:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - G:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dhi.local
O17 - HKLM\Software\..\Telephony: DomainName = dhi.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A4A5235-4CC6-4B6E-B787-B4CB6363DF33}: NameServer = 192.168.0.23
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = dhi.local
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - G:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - G:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BodetServiceFirebird - FirebirdSQL Project - G:\Program Files\BODET\Open\firebird\bin\fbserver.exe
O23 - Service: BodetServiceTomcat - Apache Software Foundation - G:\Program Files\BODET\Open\server\bin\BodetServiceTomcat.exe
O23 - Service: User Authentication Manager (DpHost) - DigitalPersona, Inc. - G:\Program Files\zkSensor\bin\DpHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - G:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - G:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - G:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: vtigercrm503 - Apache Software Foundation - G:\Program Files\vtigercrm5\apache\bin\Apache.exe
O24 - Desktop Component 0: (no name) - (no file)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:31:55, on 06/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
G:\Program Files\BODET\Open\firebird\bin\fbserver.exe
G:\Program Files\zkSensor\bin\DpHost.exe
G:\WINDOWS\system32\hasplms.exe
G:\Program Files\Java\jre6\bin\jqs.exe
G:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
G:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
G:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
G:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
G:\WINDOWS\system32\SearchIndexer.exe
G:\Program Files\BODET\Open\server\bin\BodetServiceTomcat.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\rdpclip.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\stsystra.exe
G:\Program Files\Java\jre6\bin\jusched.exe
G:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\System32\bycool\winacces.exe
G:\WINDOWS\system32\ctfmon.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
G:\Program Files\SuperCopier2\SuperCopier2.exe
G:\PROGRA~1\MICROS~2\wcescomm.exe
G:\Program Files\Internet Download Manager\IDMan.exe
G:\Program Files\Cobian Backup 9\Cobian.exe
C:\Windows\System32\bycool\myapp.exe
G:\Program Files\Logitech\SetPoint\SetPoint.exe
G:\PROGRA~1\MICROS~2\rapimgr.exe
G:\Program Files\Windows Desktop Search\WindowsSearch.exe
G:\Program Files\Cobian Backup 9\cbInterface.exe
G:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
G:\Program Files\Internet Download Manager\IEMonitor.exe
G:\Program Files\vtigercrm5\apache\bin\Apache.exe
G:\Program Files\vtigercrm5\apache\bin\Apache.exe
G:\Program Files\vtigercrm5\mysql\bin\mysqld-nt.exe
G:\DOCUME~1\dndiaye.dhi\LOCALS~1\Temp\wingluq.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\WINDOWS\system32\logon.scr
G:\WINDOWS\system32\SearchProtocolHost.exe
G:\WINDOWS\system32\wuauclt.exe
G:\WINDOWS\system32\SearchFilterHost.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe
G:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - G:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - G:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - G:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - G:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - G:\PROGRA~1\TEXTAL~1\TAForIE.dll
O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)
O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [avgnt] "G:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] G:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "G:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DRIVESYS] C:\Windows\System32\bycool\winacces.exe
O4 - HKLM\..\Run: [DRIVESYS1] C:\Windows\System32\bycool1\windo.exe
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] G:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "G:\PROGRA~1\MICROS~2\wcescomm.exe"
O4 - HKCU\..\Run: [IDMan] G:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Cobian Backup 9] "G:\Program Files\Cobian Backup 9\Cobian.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: vtiger CRM.lnk = G:\Program Files\vtigercrm5\bin\startvTiger.bat
O4 - Global Startup: Windows Desktop Search.lnk = G:\Program Files\Windows Desktop Search\WindowsSearch.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://G:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - G:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - G:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - G:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dhi.local
O17 - HKLM\Software\..\Telephony: DomainName = dhi.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A4A5235-4CC6-4B6E-B787-B4CB6363DF33}: NameServer = 192.168.0.23
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = dhi.local
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - G:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - G:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BodetServiceFirebird - FirebirdSQL Project - G:\Program Files\BODET\Open\firebird\bin\fbserver.exe
O23 - Service: BodetServiceTomcat - Apache Software Foundation - G:\Program Files\BODET\Open\server\bin\BodetServiceTomcat.exe
O23 - Service: User Authentication Manager (DpHost) - DigitalPersona, Inc. - G:\Program Files\zkSensor\bin\DpHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - G:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - G:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - G:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: vtigercrm503 - Apache Software Foundation - G:\Program Files\vtigercrm5\apache\bin\Apache.exe
O24 - Desktop Component 0: (no name) - (no file)
Complement d"info:
J'avais un virus qui s'appelle "windo.exe".
Quand je le desinstalle, il revient.
J"ai utilise "autoruns" un prog de sysinternals qui me permet de desactiver les tache automatiques au lancement du systeme. Depuis alors, quand je reboot, un fenetre de crash, classique, de windows ,m'affiche un message comme quoi "windo.exe" a ... genre n'a pas pu s'executer.
Esperant que ca vous donner plus de d'info pour aider.
Merci.
Gaby
J'avais un virus qui s'appelle "windo.exe".
Quand je le desinstalle, il revient.
J"ai utilise "autoruns" un prog de sysinternals qui me permet de desactiver les tache automatiques au lancement du systeme. Depuis alors, quand je reboot, un fenetre de crash, classique, de windows ,m'affiche un message comme quoi "windo.exe" a ... genre n'a pas pu s'executer.
Esperant que ca vous donner plus de d'info pour aider.
Merci.
Gaby
