Winlogon high CPU problem

  • mebmer2009
  • Born
  • Joined: Feb 13, 2009
  • Posts: 1

Posted February 13th, 2009, 12:07 pm

Winlogon eats up a large part of the CPU every time I restart my computer. I ran McAfee, and nothing was found. Here is the HijackThis log; could someone give me some help? Thanks.

Logfile de Trend Micro HijackThis v2.0.2
Scan sauvé à 12:23:13 PM, le 2.13.2009
Plate-forme: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cisco\AnyConnect Cisco VPN Client\vpnagent.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ISS\Proventia Desktop\BLACKD.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\msftesql.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.3\OLAP\bin\msmdsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ISS\Proventia Desktop\RapApp.exe
C:\Program Files\Common Files\CIPM\Printer\RDIConverterService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
C:\Program Files\UiTV\UiPlayer\msrv.exe
C:\Program Files\ISS\Proventia Desktop\vpatch.exe
C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\wxu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://intranet.membersunited.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://intranet.membersunited.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.prod.mstates.local:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = il.membersunited.org;ny.membersunited.org;*.local;<local>
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O3 - Toolbar: Adobe PDF - (47833539-D0C5-4125-9FA8-0819E2EAAC93) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /Standalone
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\wxu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-21-3699590251-2700444154-4223713684-1022\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User "bankerapp")
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\Common~1\MICROS~1\DW\dwtrig20.exe" -t (User "SYSTEM")
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (utilisateur "SYSTEM")
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\Common~1\MICROS~1\DW\dwtrig20.exe" -t (User utilisateur par défaut)
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (utilisateur par défaut de l'utilisateur)
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel présent
O8 - Extra du menu contextuel: Convertir la cible au format Adobe PDF -- res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra du menu contextuel: Convertir la cible à des PDF -- res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra du menu contextuel: Convertir les liens sélectionnés au format Adobe PDF -- res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra du menu contextuel: Convertir liens existants PDF -- res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra du menu contextuel: Convertir la sélection au format Adobe PDF -- res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra du menu contextuel: Convertir la sélection au PDF existant -- res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra du menu contextuel: Convert to Adobe PDF -- res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra du menu contextuel: Convertir en PDF existant -- res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra du menu contextuel: E&xporter vers Microsoft Excel -- res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Bonjour - (7F9DB11C-E358-4ca6-A83D-ACC663939424) - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra "Outils" menuitem: @xpsp3res.dll,-20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Start WebEx One-Click Réunion - (80947ADC-151D-490B-87F1-7C8CE1B46220) - C:\Program Files\WebEx\WebEx\350\atonecli.dll (HKCU)
O9 - Extra "Outils" menuitem: Start WebEx One-Click Réunion - (80947ADC-151D-490B-87F1-7C8CE1B46220) - C:\Program Files\WebEx\WebEx\350\atonecli.dll (HKCU)
O16 - DPF: (14C1B87C-3342-445F-9B5E-365FF330A3AC) (Hewlett-Packard Online Support Services) -- http://h50203.www5.hp.com/HPISWeb/Custo ... anager.CAB
O16 - DPF: (2202D225-22C1-4B8C-A4B8-6A7E7B7E1524) (ICWMInstallObj Class) -- https://cpc.on.intercall.com/confmgr/in ... nstall.cab
O16 - DPF: (55963676-2F5E-4BAF-AC28-CF26AA587566) (AnyConnect Cisco VPN Client Web Control) -- https://ny.membersunited.org/CACHE/stc/ ... vpnweb.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://www.update.microsoft.com/windows ... 4549932909
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl classe) -- http://www.update.microsoft.com/microso ... 5253843808
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: (E06E2E99-0AA1-11D4-ABA6-0060082AA75C) (GpcContainer Class) -- https://paymentsuniversity.webex.com/cl ... eatgpc.cab
O16 - DPF: (EF791A6B-FC12-4C68-99EF-FB9E207A39E6) (McFreeScan Class) -- http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = PROD.MSTATES.LOCAL
O17 - HKLM\Software\..\Telephony: DomainName = PROD.MSTATES.LOCAL
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = PROD.MSTATES.LOCAL
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = PROD.MSTATES.LOCAL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlackICE - Internet Security Systems, Inc - C:\Program Files\ISS\Proventia Desktop\BLACKD.EXE
O23 - Service: Bonjour Service - Apple Inc - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc VPN Service (CVPND) - Cisco Systems, Inc - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, LP - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc - C:\Program Files\McAfee\VirusScan Enterprise\McShield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Protection Trust Validation Service (mfevtp) - McAfee, Inc - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: MHN investissement Sweep Service (MHNInvestSweepService) - Les membres du réseau de santé, LLC ™ - C:\Work\HealthBanker\InvestSweepService\bin\MembersHealth.HealthBanker.WindowsService.InvestSweepService.exe
O23 - Service: RapApp - Internet Security Systems, Inc - C:\Program Files\ISS\Proventia Desktop\RapApp.exe
O23 - Service: RDI Document Conversion Helper (RDIConverterPrintHelper) - Web Réunion - C:\Program Files\Common Files\CIPM\Printer\RDIConverterService.exe
O23 - Service: SWIHPWMI - Sierra Wireless Inc - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
O23 - Service: Windows Network Media Service (UiPlayer) - UiTV Corporation - C:\Program Files\UiTV\UiPlayer\msrv.exe
O23 - Service: ISS Buffer Overflow Exploit Prevention (VPatch) - Internet Security Systems, Inc - C:\Program Files\ISS\Proventia Desktop\vpatch.exe
O23 - Service: Cisco VPN AnyConnect Agent (vpnagent) - Cisco Systems, Inc - C:\Program Files\Cisco\AnyConnect Cisco VPN Client\vpnagent.exe

--
Fin de fichier - 12,169 octets
© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC