Svchost.exe
Dahouo
Messages postés
5
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
moi aussi j'ai un problem avec svchost.exe boici mon rapport hijackthis je sais pas quoi faire avec.
j'ai besoin de votre aide svp ca urge
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:31:25, on 03/08/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Progra~1\Launch Manager\LaunchAp.exe
C:\Progra~1\Launch Manager\PowerKey.exe
C:\Progra~1\Launch Manager\HotkeyApp.exe
C:\Progra~1\Launch Manager\CtrlVol.exe
C:\Progra~1\Launch Manager\Wbutton.exe
C:\Program Files\Acer\Notebook Manager\almxptray.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PaqTool\amac\amac.exe
C:\WINDOWS\system32\ping.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuevaq.fm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuevaq.fm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nuevaq.fm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuevaq.fm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuevaq.fm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuevaq.fm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nuevaq.fm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuevaq.fm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.nuevaq.fm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.nuevaq.fm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHP1.dll
O1 - Hosts: >lmth/<
O1 - Hosts: >ydob/<
O1 - Hosts: >ydob<
O1 - Hosts: >daeh/<
O1 - Hosts: >"1-"=tnetnoc "seripxe"=viuqe-ptth atem<
O1 - Hosts: >"ehcac-on"=tnetnoc "amgarp"=viuqe-ptth atem<
O1 - Hosts: >"78g3smha7X38JXuWf614g3nNoVXd4DCVeok5StYtA9kcV6tKhcD2wNHrMv21PTblqRTzLLxK1UfTTlk6fVPE5hFllbqJD23hap6SGyHUfdyOf1856gOU7anTJuB45DpR7X8t7nD781F0Juy60x3Zg5EPt2q7h7u0fwItnCanRCmcpAyNkiwAM6uUCm1WKk0qTPDqYD6DcaoPb1FrnDQFckCrkFffD3%mj0aqs0WOZISFkCp1NtD1qtASZNiOcCZYCYGZF9gRcgIE40yCwIfJ8XTfLpQWqq7mDhKlkT2nkh85HSX79vchaxYkiTL48qmDCgXqj5MQ5GR3UwgvM1nZU2uRcgIE40yCwIfJ8XTfLpQkTtSXQdWcIpD4uJv40WY2JOrbC8YDYshRofU1ndMIeutXLM9W5aqPUHDnnPMJbg6xsnppP6uN7bveaWPF3%F2%ofni.1spaehc.j-l-4-8-9-8-3-b-g-7-y-r-g-p-h-7-3-5-x-3F2%F2%A3%ptth=tsd?nigol/mc.ognir.nigol//:ptth=lru ;0"=tnetnoc "hserfer"=viuqe-ptth atem<
O1 - Hosts: >eltit/<...>eltit<
O1 - Hosts: >daeh<
O1 - Hosts: >--
O1 - Hosts: >maraPyawetaGsseccAPSIW/<
O1 - Hosts: >tcerideR/<
O1 - Hosts: >edoCesnopseR/<0>edoCesnopseR<
O1 - Hosts: >epyTegasseM/<001>epyTegasseM<
O1 - Hosts: >LRUnigoL/<lmx=tegrat?nigol/mc.ognir.nigol//:ptth>LRUnigoL<
O1 - Hosts: >emaNnoitacoL/<>emaNnoitacoL<
O1 - Hosts: >noitacoLsseccA/<>noitacoLsseccA<
O1 - Hosts: >erudecorPsseccA/<0.1>erudecorPsseccA<
O1 - Hosts: >tcerideR<
O1 - Hosts: >"dsx.maraPyawetaGsseccAPSIW/lmx/mc.ognir.nigol//:ptth"=noitacoLamehcSecapsemaNon:isx
O1 - Hosts: "ecnatsni-amehcSLMX/1002/gro.3w.www//:ptth"=isx:snlmx
O1 - Hosts: maraPyawetaGsseccAPSIW<
O1 - Hosts: >?"8-FTU"=gnidocne "0.1"=noisrev lmx?<
O1 - Hosts: --!<
O1 - Hosts: >lmth<
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHP1.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHP1.dll
O4 - HKLM\..\Run: [LaunchApp] LaunApp
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Progra~1\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [userini] C:\WINDOWS\system32\userini.exe
O4 - HKLM\..\Run: [moulo] C:\WINDOWS\system32\vymejih.exe
O4 - HKLM\..\Run: [nizum] C:\WINDOWS\system32\vymejih.exe
O4 - HKLM\..\Run: [zenul] C:\WINDOWS\system32\kijoo.exe
O4 - HKLM\..\Run: [NVIDIA Media Center Library] C:\Documents and Settings\Joyce Cynthia\Joyce Cynthia1\winlogon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ChkMail] ÈD<
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [userini] C:\WINDOWS\system32\userini.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [NVIDIA Media Center Library] C:\Documents and Settings\Joyce Cynthia\Joyce Cynthia1\winlogon.exe
O4 - HKLM\..\Policies\Explorer\Run: [userini] C:\WINDOWS\system32\userini.exe
O4 - HKLM\..\Policies\Explorer\Run: []
O4 - HKCU\..\Policies\Explorer\Run: [userini] C:\WINDOWS\system32\userini.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
moi aussi j'ai un problem avec svchost.exe boici mon rapport hijackthis je sais pas quoi faire avec.
j'ai besoin de votre aide svp ca urge
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:31:25, on 03/08/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Progra~1\Launch Manager\LaunchAp.exe
C:\Progra~1\Launch Manager\PowerKey.exe
C:\Progra~1\Launch Manager\HotkeyApp.exe
C:\Progra~1\Launch Manager\CtrlVol.exe
C:\Progra~1\Launch Manager\Wbutton.exe
C:\Program Files\Acer\Notebook Manager\almxptray.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PaqTool\amac\amac.exe
C:\WINDOWS\system32\ping.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuevaq.fm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuevaq.fm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nuevaq.fm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuevaq.fm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuevaq.fm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nuevaq.fm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nuevaq.fm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuevaq.fm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.nuevaq.fm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.nuevaq.fm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHP1.dll
O1 - Hosts: >lmth/<
O1 - Hosts: >ydob/<
O1 - Hosts: >ydob<
O1 - Hosts: >daeh/<
O1 - Hosts: >"1-"=tnetnoc "seripxe"=viuqe-ptth atem<
O1 - Hosts: >"ehcac-on"=tnetnoc "amgarp"=viuqe-ptth atem<
O1 - Hosts: >"78g3smha7X38JXuWf614g3nNoVXd4DCVeok5StYtA9kcV6tKhcD2wNHrMv21PTblqRTzLLxK1UfTTlk6fVPE5hFllbqJD23hap6SGyHUfdyOf1856gOU7anTJuB45DpR7X8t7nD781F0Juy60x3Zg5EPt2q7h7u0fwItnCanRCmcpAyNkiwAM6uUCm1WKk0qTPDqYD6DcaoPb1FrnDQFckCrkFffD3%mj0aqs0WOZISFkCp1NtD1qtASZNiOcCZYCYGZF9gRcgIE40yCwIfJ8XTfLpQWqq7mDhKlkT2nkh85HSX79vchaxYkiTL48qmDCgXqj5MQ5GR3UwgvM1nZU2uRcgIE40yCwIfJ8XTfLpQkTtSXQdWcIpD4uJv40WY2JOrbC8YDYshRofU1ndMIeutXLM9W5aqPUHDnnPMJbg6xsnppP6uN7bveaWPF3%F2%ofni.1spaehc.j-l-4-8-9-8-3-b-g-7-y-r-g-p-h-7-3-5-x-3F2%F2%A3%ptth=tsd?nigol/mc.ognir.nigol//:ptth=lru ;0"=tnetnoc "hserfer"=viuqe-ptth atem<
O1 - Hosts: >eltit/<...>eltit<
O1 - Hosts: >daeh<
O1 - Hosts: >--
O1 - Hosts: >maraPyawetaGsseccAPSIW/<
O1 - Hosts: >tcerideR/<
O1 - Hosts: >edoCesnopseR/<0>edoCesnopseR<
O1 - Hosts: >epyTegasseM/<001>epyTegasseM<
O1 - Hosts: >LRUnigoL/<lmx=tegrat?nigol/mc.ognir.nigol//:ptth>LRUnigoL<
O1 - Hosts: >emaNnoitacoL/<>emaNnoitacoL<
O1 - Hosts: >noitacoLsseccA/<>noitacoLsseccA<
O1 - Hosts: >erudecorPsseccA/<0.1>erudecorPsseccA<
O1 - Hosts: >tcerideR<
O1 - Hosts: >"dsx.maraPyawetaGsseccAPSIW/lmx/mc.ognir.nigol//:ptth"=noitacoLamehcSecapsemaNon:isx
O1 - Hosts: "ecnatsni-amehcSLMX/1002/gro.3w.www//:ptth"=isx:snlmx
O1 - Hosts: maraPyawetaGsseccAPSIW<
O1 - Hosts: >?"8-FTU"=gnidocne "0.1"=noisrev lmx?<
O1 - Hosts: --!<
O1 - Hosts: >lmth<
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHP1.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHP1.dll
O4 - HKLM\..\Run: [LaunchApp] LaunApp
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Progra~1\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [userini] C:\WINDOWS\system32\userini.exe
O4 - HKLM\..\Run: [moulo] C:\WINDOWS\system32\vymejih.exe
O4 - HKLM\..\Run: [nizum] C:\WINDOWS\system32\vymejih.exe
O4 - HKLM\..\Run: [zenul] C:\WINDOWS\system32\kijoo.exe
O4 - HKLM\..\Run: [NVIDIA Media Center Library] C:\Documents and Settings\Joyce Cynthia\Joyce Cynthia1\winlogon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ChkMail] ÈD<
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [userini] C:\WINDOWS\system32\userini.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [NVIDIA Media Center Library] C:\Documents and Settings\Joyce Cynthia\Joyce Cynthia1\winlogon.exe
O4 - HKLM\..\Policies\Explorer\Run: [userini] C:\WINDOWS\system32\userini.exe
O4 - HKLM\..\Policies\Explorer\Run: []
O4 - HKCU\..\Policies\Explorer\Run: [userini] C:\WINDOWS\system32\userini.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
