Bugbear ?

joke0

28/11/2003 à 02:30

Salut,

Domi:

Je veux bien que tu me l'envoies c'est sympa.

Je n'ai rien vu de spécial qui corresponde à un ver. A moins qu'il
ne s'agisse d'un virus, c'est probablement un bug d'un logiciel
(j'en est retiré 1 un peu compromettant ;-)

StartupList report, 27/11/2003, 12:12:54
StartupList version: 1.52
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
=================================================
Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE

Normal

C:WINDOWSSYSTEMSSDPSRV.EXE

Relatif à Universal Plug and Play (UPnP) à désactiver

C:PROGRAM FILESKERIOPERSONAL FIREWALLPERSFW.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCIOMON.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003TMPROXY.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSTASKMON.EXE

Aucun intérêt

C:WINDOWSSYSTEMSYSTRAY.EXE

Pareil

C:WINDOWSSYSTEMIRMON.EXE

A à voir avec un éventuel port infra-rouge.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:PROGRAM FILESSYNAPTICSSYNTPSYNTPLPR.EXE
C:PROGRAM FILESSYNAPTICSSYNTPSYNTPENH.EXE
C:PROGRAM FILESASUSPROBEASUSPROB.EXE
C:PROGRAM FILESASUSASUS HOTKEYVCONTROL.EXE
C:PROGRAM FILESIOMEGADRIVEICONSIMGICON.EXE
C:WINDOWSLOADQM.EXE

Relatif au logiciel Microsoft MSN Explorer.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:WINDOWSSYSTEMWMIEXE.EXE

inutile: à désactiver

C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCGUIDE.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCCLIENT.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003POP3TRAP.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE

cf LOADQM.EXE

C:PROGRAM FILESASUSASUS HOTKEYHOTKEY.EXE
C:PROGRAM FILESSAGEMSAGEM 800-840DSLMON.EXE
C:PROGRAM FILESATNOTESATNOTES.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:TELECHARGEMENTSTARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:WINDOWSMenu DémarrerProgrammesDémarrage]
ASUS Hotkey.lnk = C:Program FilesASUSAsus HotkeyHotkey.exe
DSLMON.lnk = C:Program FilesSAGEMSAGEM
800-840dslmon.exe ATnotes.lnk = C:Program
FilesATnotesATnotes.exe Microsoft Office.lnk = C:Program
FilesMicrosoft OfficeOffice10OSA.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun

ScanRegistry = C:WINDOWSscanregw.exe /autorun
TaskMonitor = C:WINDOWStaskmon.exe
PCHealth = C:WINDOWSPCHealthSupportPCHSchd.exe -s
SystemTray = SysTray.Exe
IrMon = irmon.exe
LoadPowerProfile = Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme SynTPLpr = C:Program
FilesSynapticsSynTPSynTPLpr.exe SynTPEnh = C:Program
FilesSynapticsSynTPSynTPEnh.exe ASUS Probe = C:Program
FilesASUSProbeAsusProb.exe AHotkey = C:Program
FilesAsusAsus Hotkeyvcontrol.exe autoclk = autoclk.exe
Iomega Startup Options = C:Program
FilesIomegaCommonImgStart.exe Iomega Drive Icons = C:Program
FilesIomegaDriveIconsImgIcon.exe LoadQM = loadqm.exe
InCD = C:Program FilesAheadInCDInCD.exe
pccguide.exe = "C:Program FilesTrend MicroPC-cillin
2003pccguide.exe" PCCIOMON.exe = "C:Program FilesTrend
MicroPC-cillin 2003PCCIOMON.exe" PCCClient.exe = "C:Program
FilesTrend MicroPC-cillin 2003PCCClient.exe" Pop3trap.exe "C:Program FilesTrend MicroPC-cillin 2003Pop3trap.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices

LoadPowerProfile = Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme SchedulingAgent = mstask.exe
SSDPSRV = C:WINDOWSSYSTEMssdpsrv.exe
*StateMgr = C:WINDOWSSystemRestoreStateMgr.exe
PersFw = "C:Program FilesKerioPersonal Firewallpersfw.exe"
/hide PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin
2003PCCIOMON.exe" tmproxy = C:Program FilesTrend
MicroPC-cillin 2003tmproxy.exe

--------------------------------------------------

Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun

MsnMsgr = "C:Program FilesMSN MessengerMsnMsgr.Exe"
/background

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOTscrfileshellopencommand

(Default) = "%1" %*

--------------------------------------------------

Shell & screensaver key from C:WINDOWSSYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE drivers=mmsystem.dll power.drv

--------------------------------------------------

C:WINDOWSWININIT.BAK listing:
(Created 27/11/2003, 11:19:36)

[rename]
NUL=C:WINDOWSBJDELDIR.EXE
NUL=C:WINDOWSSYSTEMCJSTR47.EXE

--------------------------------------------------

C:AUTOEXEC.BAT listing:

SET windir=C:WINDOWS
SET winbootdir=C:WINDOWS
SET COMSPEC=C:WINDOWSCOMMAND.COM
SET PATH=C:WINDOWS;C:WINDOWSCOMMAND
SET PROMPT=$p$g
SET TEMP=C:WINDOWSTEMP
SET TMP=C:WINDOWSTEMP

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - c:program filesgooglegoogletoolbar1.dll -
{AA58ED58-01DD-4d91-8333-CF10577473F7} (no name) - C:PROGRAM
FILESADOBEACROBAT 6.0READERACTIVEXACROIEHELPER.DLL -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - (no file) -
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (no name) - (no file) -
{549B5CA7-4A86-11D7-A4DF-000874180BB3} (no name) -
C:PROGRA~1SPYBOT~1SDHELPER.DLL -
{53707962-6F74-2D53-2644-206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Démarrage du programme de réglages.job
Planificateur pour la collecte de données PCHealth.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:WINDOWSSYSTEMMACROMEDFLASHFLASH.OCX
CODEBASE http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.c
ab

[Update Class]
InProcServer32 = C:WINDOWSSYSTEMIUCTL.DLL
CODEBASE http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?3795
1.4769444444

[HouseCall Control]
InProcServer32 = C:WINDOWSDOWNLO~1XSCAN53.OCX
CODEBASE http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antiv
irus.com/housecall/xscan53.cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #2: C:WINDOWSsystem32wspirda.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:WINDOWSSYSTEMWEBCHECK.DLL
UPnPMonitor: C:WINDOWSSYSTEMUPNPUI.DLL
AUHook: C:WINDOWSSYSTEMAUHOOK.DLL

--------------------------------------------------
End of report, 7 294 bytes
Report generated in 0,387 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on
WinNT /forcent - to include WinNT-only startups even if
running on Win9x /forceall - to include all Win9x and WinNT
startups, regardless of platform /history - to list version
history only

--
joke0

Salut,

Domi:

Je veux bien que tu me l'envoies c'est sympa.

Je n'ai rien vu de spécial qui corresponde à un ver. A moins qu'il
ne s'agisse d'un virus, c'est probablement un bug d'un logiciel
(j'en est retiré 1 un peu compromettant ;-)

StartupList report, 27/11/2003, 12:12:54
StartupList version: 1.52
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
=================================================
Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE

Normal

C:WINDOWSSYSTEMSSDPSRV.EXE

Relatif à Universal Plug and Play (UPnP) à désactiver

C:PROGRAM FILESKERIOPERSONAL FIREWALLPERSFW.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCIOMON.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003TMPROXY.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSTASKMON.EXE

Aucun intérêt

C:WINDOWSSYSTEMSYSTRAY.EXE

Pareil

C:WINDOWSSYSTEMIRMON.EXE

A à voir avec un éventuel port infra-rouge.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:PROGRAM FILESSYNAPTICSSYNTPSYNTPLPR.EXE
C:PROGRAM FILESSYNAPTICSSYNTPSYNTPENH.EXE
C:PROGRAM FILESASUSPROBEASUSPROB.EXE
C:PROGRAM FILESASUSASUS HOTKEYVCONTROL.EXE
C:PROGRAM FILESIOMEGADRIVEICONSIMGICON.EXE
C:WINDOWSLOADQM.EXE

Relatif au logiciel Microsoft MSN Explorer.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:WINDOWSSYSTEMWMIEXE.EXE

inutile: à désactiver

C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCGUIDE.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCCLIENT.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003POP3TRAP.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE

cf LOADQM.EXE

C:PROGRAM FILESASUSASUS HOTKEYHOTKEY.EXE
C:PROGRAM FILESSAGEMSAGEM F@ST 800-840DSLMON.EXE
C:PROGRAM FILESATNOTESATNOTES.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:TELECHARGEMENTSTARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:WINDOWSMenu DémarrerProgrammesDémarrage]
ASUS Hotkey.lnk = C:Program FilesASUSAsus HotkeyHotkey.exe
DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st
800-840dslmon.exe ATnotes.lnk = C:Program
FilesATnotesATnotes.exe Microsoft Office.lnk = C:Program
FilesMicrosoft OfficeOffice10OSA.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun

ScanRegistry = C:WINDOWSscanregw.exe /autorun
TaskMonitor = C:WINDOWStaskmon.exe
PCHealth = C:WINDOWSPCHealthSupportPCHSchd.exe -s
SystemTray = SysTray.Exe
IrMon = irmon.exe
LoadPowerProfile = Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme SynTPLpr = C:Program
FilesSynapticsSynTPSynTPLpr.exe SynTPEnh = C:Program
FilesSynapticsSynTPSynTPEnh.exe ASUS Probe = C:Program
FilesASUSProbeAsusProb.exe AHotkey = C:Program
FilesAsusAsus Hotkeyvcontrol.exe autoclk = autoclk.exe
Iomega Startup Options = C:Program
FilesIomegaCommonImgStart.exe Iomega Drive Icons = C:Program
FilesIomegaDriveIconsImgIcon.exe LoadQM = loadqm.exe
InCD = C:Program FilesAheadInCDInCD.exe
pccguide.exe = "C:Program FilesTrend MicroPC-cillin
2003pccguide.exe" PCCIOMON.exe = "C:Program FilesTrend
MicroPC-cillin 2003PCCIOMON.exe" PCCClient.exe = "C:Program
FilesTrend MicroPC-cillin 2003PCCClient.exe" Pop3trap.exe "C:Program FilesTrend MicroPC-cillin 2003Pop3trap.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices

LoadPowerProfile = Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme SchedulingAgent = mstask.exe
SSDPSRV = C:WINDOWSSYSTEMssdpsrv.exe
*StateMgr = C:WINDOWSSystemRestoreStateMgr.exe
PersFw = "C:Program FilesKerioPersonal Firewallpersfw.exe"
/hide PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin
2003PCCIOMON.exe" tmproxy = C:Program FilesTrend
MicroPC-cillin 2003tmproxy.exe

--------------------------------------------------

Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun

MsnMsgr = "C:Program FilesMSN MessengerMsnMsgr.Exe"
/background

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOTscrfileshellopencommand

(Default) = "%1" %*

--------------------------------------------------

Shell & screensaver key from C:WINDOWSSYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE drivers=mmsystem.dll power.drv

--------------------------------------------------

C:WINDOWSWININIT.BAK listing:
(Created 27/11/2003, 11:19:36)

[rename]
NUL=C:WINDOWSBJDELDIR.EXE
NUL=C:WINDOWSSYSTEMCJSTR47.EXE

--------------------------------------------------

C:AUTOEXEC.BAT listing:

SET windir=C:WINDOWS
SET winbootdir=C:WINDOWS
SET COMSPEC=C:WINDOWSCOMMAND.COM
SET PATH=C:WINDOWS;C:WINDOWSCOMMAND
SET PROMPT=$p$g
SET TEMP=C:WINDOWSTEMP
SET TMP=C:WINDOWSTEMP

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - c:program filesgooglegoogletoolbar1.dll -
{AA58ED58-01DD-4d91-8333-CF10577473F7} (no name) - C:PROGRAM
FILESADOBEACROBAT 6.0READERACTIVEXACROIEHELPER.DLL -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - (no file) -
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (no name) - (no file) -
{549B5CA7-4A86-11D7-A4DF-000874180BB3} (no name) -
C:PROGRA~1SPYBOT~1SDHELPER.DLL -
{53707962-6F74-2D53-2644-206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Démarrage du programme de réglages.job
Planificateur pour la collecte de données PCHealth.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:WINDOWSSYSTEMMACROMEDFLASHFLASH.OCX
CODEBASE http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.c
ab

[Update Class]
InProcServer32 = C:WINDOWSSYSTEMIUCTL.DLL
CODEBASE http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?3795
1.4769444444

[HouseCall Control]
InProcServer32 = C:WINDOWSDOWNLO~1XSCAN53.OCX
CODEBASE http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antiv
irus.com/housecall/xscan53.cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #2: C:WINDOWSsystem32wspirda.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:WINDOWSSYSTEMWEBCHECK.DLL
UPnPMonitor: C:WINDOWSSYSTEMUPNPUI.DLL
AUHook: C:WINDOWSSYSTEMAUHOOK.DLL

--------------------------------------------------
End of report, 7 294 bytes
Report generated in 0,387 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on
WinNT /forcent - to include WinNT-only startups even if
running on Win9x /forceall - to include all Win9x and WinNT
startups, regardless of platform /history - to list version
history only

--
joke0

Vous avez filtré cet utilisateur ! Consultez son message

Salut,

Domi:

Je veux bien que tu me l'envoies c'est sympa.

Je n'ai rien vu de spécial qui corresponde à un ver. A moins qu'il
ne s'agisse d'un virus, c'est probablement un bug d'un logiciel
(j'en est retiré 1 un peu compromettant ;-)

StartupList report, 27/11/2003, 12:12:54
StartupList version: 1.52
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
=================================================
Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE

Normal

C:WINDOWSSYSTEMSSDPSRV.EXE

Relatif à Universal Plug and Play (UPnP) à désactiver

C:PROGRAM FILESKERIOPERSONAL FIREWALLPERSFW.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCIOMON.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003TMPROXY.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSTASKMON.EXE

Aucun intérêt

C:WINDOWSSYSTEMSYSTRAY.EXE

Pareil

C:WINDOWSSYSTEMIRMON.EXE

A à voir avec un éventuel port infra-rouge.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:PROGRAM FILESSYNAPTICSSYNTPSYNTPLPR.EXE
C:PROGRAM FILESSYNAPTICSSYNTPSYNTPENH.EXE
C:PROGRAM FILESASUSPROBEASUSPROB.EXE
C:PROGRAM FILESASUSASUS HOTKEYVCONTROL.EXE
C:PROGRAM FILESIOMEGADRIVEICONSIMGICON.EXE
C:WINDOWSLOADQM.EXE

Relatif au logiciel Microsoft MSN Explorer.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:WINDOWSSYSTEMWMIEXE.EXE

inutile: à désactiver

C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCGUIDE.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCCLIENT.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003POP3TRAP.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE

cf LOADQM.EXE

C:PROGRAM FILESASUSASUS HOTKEYHOTKEY.EXE
C:PROGRAM FILESSAGEMSAGEM 800-840DSLMON.EXE
C:PROGRAM FILESATNOTESATNOTES.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:TELECHARGEMENTSTARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:WINDOWSMenu DémarrerProgrammesDémarrage]
ASUS Hotkey.lnk = C:Program FilesASUSAsus HotkeyHotkey.exe
DSLMON.lnk = C:Program FilesSAGEMSAGEM
800-840dslmon.exe ATnotes.lnk = C:Program
FilesATnotesATnotes.exe Microsoft Office.lnk = C:Program
FilesMicrosoft OfficeOffice10OSA.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun

ScanRegistry = C:WINDOWSscanregw.exe /autorun
TaskMonitor = C:WINDOWStaskmon.exe
PCHealth = C:WINDOWSPCHealthSupportPCHSchd.exe -s
SystemTray = SysTray.Exe
IrMon = irmon.exe
LoadPowerProfile = Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme SynTPLpr = C:Program
FilesSynapticsSynTPSynTPLpr.exe SynTPEnh = C:Program
FilesSynapticsSynTPSynTPEnh.exe ASUS Probe = C:Program
FilesASUSProbeAsusProb.exe AHotkey = C:Program
FilesAsusAsus Hotkeyvcontrol.exe autoclk = autoclk.exe
Iomega Startup Options = C:Program
FilesIomegaCommonImgStart.exe Iomega Drive Icons = C:Program
FilesIomegaDriveIconsImgIcon.exe LoadQM = loadqm.exe
InCD = C:Program FilesAheadInCDInCD.exe
pccguide.exe = "C:Program FilesTrend MicroPC-cillin
2003pccguide.exe" PCCIOMON.exe = "C:Program FilesTrend
MicroPC-cillin 2003PCCIOMON.exe" PCCClient.exe = "C:Program
FilesTrend MicroPC-cillin 2003PCCClient.exe" Pop3trap.exe "C:Program FilesTrend MicroPC-cillin 2003Pop3trap.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices

LoadPowerProfile = Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme SchedulingAgent = mstask.exe
SSDPSRV = C:WINDOWSSYSTEMssdpsrv.exe
*StateMgr = C:WINDOWSSystemRestoreStateMgr.exe
PersFw = "C:Program FilesKerioPersonal Firewallpersfw.exe"
/hide PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin
2003PCCIOMON.exe" tmproxy = C:Program FilesTrend
MicroPC-cillin 2003tmproxy.exe

--------------------------------------------------

Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun

MsnMsgr = "C:Program FilesMSN MessengerMsnMsgr.Exe"
/background

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOTscrfileshellopencommand

(Default) = "%1" %*

--------------------------------------------------

Shell & screensaver key from C:WINDOWSSYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE drivers=mmsystem.dll power.drv

--------------------------------------------------

C:WINDOWSWININIT.BAK listing:
(Created 27/11/2003, 11:19:36)

[rename]
NUL=C:WINDOWSBJDELDIR.EXE
NUL=C:WINDOWSSYSTEMCJSTR47.EXE

--------------------------------------------------

C:AUTOEXEC.BAT listing:

SET windir=C:WINDOWS
SET winbootdir=C:WINDOWS
SET COMSPEC=C:WINDOWSCOMMAND.COM
SET PATH=C:WINDOWS;C:WINDOWSCOMMAND
SET PROMPT=$p$g
SET TEMP=C:WINDOWSTEMP
SET TMP=C:WINDOWSTEMP

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - c:program filesgooglegoogletoolbar1.dll -
{AA58ED58-01DD-4d91-8333-CF10577473F7} (no name) - C:PROGRAM
FILESADOBEACROBAT 6.0READERACTIVEXACROIEHELPER.DLL -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - (no file) -
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (no name) - (no file) -
{549B5CA7-4A86-11D7-A4DF-000874180BB3} (no name) -
C:PROGRA~1SPYBOT~1SDHELPER.DLL -
{53707962-6F74-2D53-2644-206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Démarrage du programme de réglages.job
Planificateur pour la collecte de données PCHealth.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:WINDOWSSYSTEMMACROMEDFLASHFLASH.OCX
CODEBASE http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.c
ab

[Update Class]
InProcServer32 = C:WINDOWSSYSTEMIUCTL.DLL
CODEBASE http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?3795
1.4769444444

[HouseCall Control]
InProcServer32 = C:WINDOWSDOWNLO~1XSCAN53.OCX
CODEBASE http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antiv
irus.com/housecall/xscan53.cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #2: C:WINDOWSsystem32wspirda.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:WINDOWSSYSTEMWEBCHECK.DLL
UPnPMonitor: C:WINDOWSSYSTEMUPNPUI.DLL
AUHook: C:WINDOWSSYSTEMAUHOOK.DLL

--------------------------------------------------
End of report, 7 294 bytes
Report generated in 0,387 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on
WinNT /forcent - to include WinNT-only startups even if
running on Win9x /forceall - to include all Win9x and WinNT
startups, regardless of platform /history - to list version
history only

--
joke0

joke0

28/11/2003 à 02:33

Salut,

Domi:

Je veux bien que tu me l'envoies c'est sympa.

Je n'ai rien vu de spécial qui corresponde à un ver. A moins qu'il
ne s'agisse d'un virus, c'est probablement un bug d'un logiciel
(j'en est retiré 1 un peu compromettant ;-)

StartupList report, 27/11/2003, 12:12:54
StartupList version: 1.52
Started from : C:TELECHARGEMENTSTARTUPLIST.EXE
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
=================================================
Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE

Normal

C:WINDOWSSYSTEMSSDPSRV.EXE

Relatif à Universal Plug and Play (UPnP) à désactiver

C:PROGRAM FILESKERIOPERSONAL FIREWALLPERSFW.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCIOMON.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003TMPROXY.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSTASKMON.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMSYSTRAY.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMIRMON.EXE

A à voir avec un éventuel port infra-rouge.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:PROGRAM FILESSYNAPTICSSYNTPSYNTPLPR.EXE
C:PROGRAM FILESSYNAPTICSSYNTPSYNTPENH.EXE
C:PROGRAM FILESASUSPROBEASUSPROB.EXE
C:PROGRAM FILESASUSASUS HOTKEYVCONTROL.EXE
C:PROGRAM FILESIOMEGADRIVEICONSIMGICON.EXE
C:WINDOWSLOADQM.EXE

Relatif au logiciel Microsoft MSN Explorer.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:WINDOWSSYSTEMWMIEXE.EXE

inutile: à désactiver

C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCGUIDE.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCCLIENT.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003POP3TRAP.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE

cf LOADQM.EXE

C:PROGRAM FILESASUSASUS HOTKEYHOTKEY.EXE
C:PROGRAM FILESSAGEMSAGEM 800-840DSLMON.EXE
C:PROGRAM FILESATNOTESATNOTES.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:TELECHARGEMENTSTARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:WINDOWSMenu DémarrerProgrammesDémarrage]
ASUS Hotkey.lnk = C:Program FilesASUSAsus HotkeyHotkey.exe
DSLMON.lnk = C:Program FilesSAGEMSAGEM 800-840dslmon.exe
ATnotes.lnk = C:Program FilesATnotesATnotes.exe
Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun

ScanRegistry = C:WINDOWSscanregw.exe /autorun
TaskMonitor = C:WINDOWStaskmon.exe
PCHealth = C:WINDOWSPCHealthSupportPCHSchd.exe -s
SystemTray = SysTray.Exe
IrMon = irmon.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SynTPLpr = C:Program FilesSynapticsSynTPSynTPLpr.exe
SynTPEnh = C:Program FilesSynapticsSynTPSynTPEnh.exe
ASUS Probe = C:Program FilesASUSProbeAsusProb.exe
AHotkey = C:Program FilesAsusAsus Hotkeyvcontrol.exe
autoclk = autoclk.exe
Iomega Startup Options = C:Program FilesIomegaCommonImgStart.exe
Iomega Drive Icons = C:Program FilesIomegaDriveIconsImgIcon.exe
LoadQM = loadqm.exe
InCD = C:Program FilesAheadInCDInCD.exe
pccguide.exe = "C:Program FilesTrend MicroPC-cillin 2003pccguide.exe"
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
PCCClient.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCClient.exe"
Pop3trap.exe = "C:Program FilesTrend MicroPC-cillin 2003Pop3trap.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
SSDPSRV = C:WINDOWSSYSTEMssdpsrv.exe
*StateMgr = C:WINDOWSSystemRestoreStateMgr.exe
PersFw = "C:Program FilesKerioPersonal Firewallpersfw.exe" /hide
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
tmproxy = C:Program FilesTrend MicroPC-cillin 2003tmproxy.exe

--------------------------------------------------

Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun

MsnMsgr = "C:Program FilesMSN MessengerMsnMsgr.Exe" /background

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOTscrfileshellopencommand

(Default) = "%1" %*

--------------------------------------------------

Shell & screensaver key from C:WINDOWSSYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE drivers=mmsystem.dll power.drv

--------------------------------------------------

C:WINDOWSWININIT.BAK listing:
(Created 27/11/2003, 11:19:36)

[rename]
NUL=C:WINDOWSBJDELDIR.EXE
NUL=C:WINDOWSSYSTEMCJSTR47.EXE

--------------------------------------------------

C:AUTOEXEC.BAT listing:

SET windir=C:WINDOWS
SET winbootdir=C:WINDOWS
SET COMSPEC=C:WINDOWSCOMMAND.COM
SET PATH=C:WINDOWS;C:WINDOWSCOMMAND
SET PROMPT=$p$g
SET TEMP=C:WINDOWSTEMP
SET TMP=C:WINDOWSTEMP

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - c:program filesgooglegoogletoolbar1.dll - {AA58ED58-01DD-4d91-8333-
CF10577473F7}
(no name) - C:PROGRAM FILESADOBEACROBAT 6.0READERACTIVEXACROIEHELPER.DLL -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
(no name) - (no file) - {549B5CA7-4A86-11D7-A4DF-000874180BB3}
(no name) - C:PROGRA~1SPYBOT~1SDHELPER.DLL - {53707962-6F74-2D53-2644-
206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Démarrage du programme de réglages.job
Planificateur pour la collecte de données PCHealth.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:WINDOWSSYSTEMMACROMEDFLASHFLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[Update Class]
InProcServer32 = C:WINDOWSSYSTEMIUCTL.DLL
CODEBASE =
http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37951.4769444444

[HouseCall Control]
InProcServer32 = C:WINDOWSDOWNLO~1XSCAN53.OCX
CODEBASE =
http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.
cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #2: C:WINDOWSsystem32wspirda.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:WINDOWSSYSTEMWEBCHECK.DLL
UPnPMonitor: C:WINDOWSSYSTEMUPNPUI.DLL
AUHook: C:WINDOWSSYSTEMAUHOOK.DLL

--
joke0

Salut,

Domi:

Je veux bien que tu me l'envoies c'est sympa.

Je n'ai rien vu de spécial qui corresponde à un ver. A moins qu'il
ne s'agisse d'un virus, c'est probablement un bug d'un logiciel
(j'en est retiré 1 un peu compromettant ;-)

StartupList report, 27/11/2003, 12:12:54
StartupList version: 1.52
Started from : C:TELECHARGEMENTSTARTUPLIST.EXE
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
=================================================
Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE

Normal

C:WINDOWSSYSTEMSSDPSRV.EXE

Relatif à Universal Plug and Play (UPnP) à désactiver

C:PROGRAM FILESKERIOPERSONAL FIREWALLPERSFW.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCIOMON.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003TMPROXY.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSTASKMON.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMSYSTRAY.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMIRMON.EXE

A à voir avec un éventuel port infra-rouge.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:PROGRAM FILESSYNAPTICSSYNTPSYNTPLPR.EXE
C:PROGRAM FILESSYNAPTICSSYNTPSYNTPENH.EXE
C:PROGRAM FILESASUSPROBEASUSPROB.EXE
C:PROGRAM FILESASUSASUS HOTKEYVCONTROL.EXE
C:PROGRAM FILESIOMEGADRIVEICONSIMGICON.EXE
C:WINDOWSLOADQM.EXE

Relatif au logiciel Microsoft MSN Explorer.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:WINDOWSSYSTEMWMIEXE.EXE

inutile: à désactiver

C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCGUIDE.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCCLIENT.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003POP3TRAP.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE

cf LOADQM.EXE

C:PROGRAM FILESASUSASUS HOTKEYHOTKEY.EXE
C:PROGRAM FILESSAGEMSAGEM F@ST 800-840DSLMON.EXE
C:PROGRAM FILESATNOTESATNOTES.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:TELECHARGEMENTSTARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:WINDOWSMenu DémarrerProgrammesDémarrage]
ASUS Hotkey.lnk = C:Program FilesASUSAsus HotkeyHotkey.exe
DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
ATnotes.lnk = C:Program FilesATnotesATnotes.exe
Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun

ScanRegistry = C:WINDOWSscanregw.exe /autorun
TaskMonitor = C:WINDOWStaskmon.exe
PCHealth = C:WINDOWSPCHealthSupportPCHSchd.exe -s
SystemTray = SysTray.Exe
IrMon = irmon.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SynTPLpr = C:Program FilesSynapticsSynTPSynTPLpr.exe
SynTPEnh = C:Program FilesSynapticsSynTPSynTPEnh.exe
ASUS Probe = C:Program FilesASUSProbeAsusProb.exe
AHotkey = C:Program FilesAsusAsus Hotkeyvcontrol.exe
autoclk = autoclk.exe
Iomega Startup Options = C:Program FilesIomegaCommonImgStart.exe
Iomega Drive Icons = C:Program FilesIomegaDriveIconsImgIcon.exe
LoadQM = loadqm.exe
InCD = C:Program FilesAheadInCDInCD.exe
pccguide.exe = "C:Program FilesTrend MicroPC-cillin 2003pccguide.exe"
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
PCCClient.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCClient.exe"
Pop3trap.exe = "C:Program FilesTrend MicroPC-cillin 2003Pop3trap.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
SSDPSRV = C:WINDOWSSYSTEMssdpsrv.exe
*StateMgr = C:WINDOWSSystemRestoreStateMgr.exe
PersFw = "C:Program FilesKerioPersonal Firewallpersfw.exe" /hide
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
tmproxy = C:Program FilesTrend MicroPC-cillin 2003tmproxy.exe

--------------------------------------------------

Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun

MsnMsgr = "C:Program FilesMSN MessengerMsnMsgr.Exe" /background

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOTscrfileshellopencommand

(Default) = "%1" %*

--------------------------------------------------

Shell & screensaver key from C:WINDOWSSYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE drivers=mmsystem.dll power.drv

--------------------------------------------------

C:WINDOWSWININIT.BAK listing:
(Created 27/11/2003, 11:19:36)

[rename]
NUL=C:WINDOWSBJDELDIR.EXE
NUL=C:WINDOWSSYSTEMCJSTR47.EXE

--------------------------------------------------

C:AUTOEXEC.BAT listing:

SET windir=C:WINDOWS
SET winbootdir=C:WINDOWS
SET COMSPEC=C:WINDOWSCOMMAND.COM
SET PATH=C:WINDOWS;C:WINDOWSCOMMAND
SET PROMPT=$p$g
SET TEMP=C:WINDOWSTEMP
SET TMP=C:WINDOWSTEMP

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - c:program filesgooglegoogletoolbar1.dll - {AA58ED58-01DD-4d91-8333-
CF10577473F7}
(no name) - C:PROGRAM FILESADOBEACROBAT 6.0READERACTIVEXACROIEHELPER.DLL -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
(no name) - (no file) - {549B5CA7-4A86-11D7-A4DF-000874180BB3}
(no name) - C:PROGRA~1SPYBOT~1SDHELPER.DLL - {53707962-6F74-2D53-2644-
206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Démarrage du programme de réglages.job
Planificateur pour la collecte de données PCHealth.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:WINDOWSSYSTEMMACROMEDFLASHFLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[Update Class]
InProcServer32 = C:WINDOWSSYSTEMIUCTL.DLL
CODEBASE =
http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37951.4769444444

[HouseCall Control]
InProcServer32 = C:WINDOWSDOWNLO~1XSCAN53.OCX
CODEBASE =
http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.
cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #2: C:WINDOWSsystem32wspirda.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:WINDOWSSYSTEMWEBCHECK.DLL
UPnPMonitor: C:WINDOWSSYSTEMUPNPUI.DLL
AUHook: C:WINDOWSSYSTEMAUHOOK.DLL

--
joke0

Vous avez filtré cet utilisateur ! Consultez son message

Salut,

Domi:

Je veux bien que tu me l'envoies c'est sympa.

Je n'ai rien vu de spécial qui corresponde à un ver. A moins qu'il
ne s'agisse d'un virus, c'est probablement un bug d'un logiciel
(j'en est retiré 1 un peu compromettant ;-)

StartupList report, 27/11/2003, 12:12:54
StartupList version: 1.52
Started from : C:TELECHARGEMENTSTARTUPLIST.EXE
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
=================================================
Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE

Normal

C:WINDOWSSYSTEMSSDPSRV.EXE

Relatif à Universal Plug and Play (UPnP) à désactiver

C:PROGRAM FILESKERIOPERSONAL FIREWALLPERSFW.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCIOMON.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003TMPROXY.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSTASKMON.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMSYSTRAY.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMIRMON.EXE

A à voir avec un éventuel port infra-rouge.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:PROGRAM FILESSYNAPTICSSYNTPSYNTPLPR.EXE
C:PROGRAM FILESSYNAPTICSSYNTPSYNTPENH.EXE
C:PROGRAM FILESASUSPROBEASUSPROB.EXE
C:PROGRAM FILESASUSASUS HOTKEYVCONTROL.EXE
C:PROGRAM FILESIOMEGADRIVEICONSIMGICON.EXE
C:WINDOWSLOADQM.EXE

Relatif au logiciel Microsoft MSN Explorer.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:WINDOWSSYSTEMWMIEXE.EXE

inutile: à désactiver

C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCGUIDE.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCCLIENT.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003POP3TRAP.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE

cf LOADQM.EXE

C:PROGRAM FILESASUSASUS HOTKEYHOTKEY.EXE
C:PROGRAM FILESSAGEMSAGEM 800-840DSLMON.EXE
C:PROGRAM FILESATNOTESATNOTES.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:TELECHARGEMENTSTARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:WINDOWSMenu DémarrerProgrammesDémarrage]
ASUS Hotkey.lnk = C:Program FilesASUSAsus HotkeyHotkey.exe
DSLMON.lnk = C:Program FilesSAGEMSAGEM 800-840dslmon.exe
ATnotes.lnk = C:Program FilesATnotesATnotes.exe
Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun

ScanRegistry = C:WINDOWSscanregw.exe /autorun
TaskMonitor = C:WINDOWStaskmon.exe
PCHealth = C:WINDOWSPCHealthSupportPCHSchd.exe -s
SystemTray = SysTray.Exe
IrMon = irmon.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SynTPLpr = C:Program FilesSynapticsSynTPSynTPLpr.exe
SynTPEnh = C:Program FilesSynapticsSynTPSynTPEnh.exe
ASUS Probe = C:Program FilesASUSProbeAsusProb.exe
AHotkey = C:Program FilesAsusAsus Hotkeyvcontrol.exe
autoclk = autoclk.exe
Iomega Startup Options = C:Program FilesIomegaCommonImgStart.exe
Iomega Drive Icons = C:Program FilesIomegaDriveIconsImgIcon.exe
LoadQM = loadqm.exe
InCD = C:Program FilesAheadInCDInCD.exe
pccguide.exe = "C:Program FilesTrend MicroPC-cillin 2003pccguide.exe"
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
PCCClient.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCClient.exe"
Pop3trap.exe = "C:Program FilesTrend MicroPC-cillin 2003Pop3trap.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
SSDPSRV = C:WINDOWSSYSTEMssdpsrv.exe
*StateMgr = C:WINDOWSSystemRestoreStateMgr.exe
PersFw = "C:Program FilesKerioPersonal Firewallpersfw.exe" /hide
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
tmproxy = C:Program FilesTrend MicroPC-cillin 2003tmproxy.exe

--------------------------------------------------

Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun

MsnMsgr = "C:Program FilesMSN MessengerMsnMsgr.Exe" /background

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOTscrfileshellopencommand

(Default) = "%1" %*

--------------------------------------------------

Shell & screensaver key from C:WINDOWSSYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE drivers=mmsystem.dll power.drv

--------------------------------------------------

C:WINDOWSWININIT.BAK listing:
(Created 27/11/2003, 11:19:36)

[rename]
NUL=C:WINDOWSBJDELDIR.EXE
NUL=C:WINDOWSSYSTEMCJSTR47.EXE

--------------------------------------------------

C:AUTOEXEC.BAT listing:

SET windir=C:WINDOWS
SET winbootdir=C:WINDOWS
SET COMSPEC=C:WINDOWSCOMMAND.COM
SET PATH=C:WINDOWS;C:WINDOWSCOMMAND
SET PROMPT=$p$g
SET TEMP=C:WINDOWSTEMP
SET TMP=C:WINDOWSTEMP

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - c:program filesgooglegoogletoolbar1.dll - {AA58ED58-01DD-4d91-8333-
CF10577473F7}
(no name) - C:PROGRAM FILESADOBEACROBAT 6.0READERACTIVEXACROIEHELPER.DLL -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
(no name) - (no file) - {549B5CA7-4A86-11D7-A4DF-000874180BB3}
(no name) - C:PROGRA~1SPYBOT~1SDHELPER.DLL - {53707962-6F74-2D53-2644-
206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Démarrage du programme de réglages.job
Planificateur pour la collecte de données PCHealth.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:WINDOWSSYSTEMMACROMEDFLASHFLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[Update Class]
InProcServer32 = C:WINDOWSSYSTEMIUCTL.DLL
CODEBASE =
http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37951.4769444444

[HouseCall Control]
InProcServer32 = C:WINDOWSDOWNLO~1XSCAN53.OCX
CODEBASE =
http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.
cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #2: C:WINDOWSsystem32wspirda.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:WINDOWSSYSTEMWEBCHECK.DLL
UPnPMonitor: C:WINDOWSSYSTEMUPNPUI.DLL
AUHook: C:WINDOWSSYSTEMAUHOOK.DLL

--
joke0

Domi

28/11/2003 à 09:54

Merci, mais avant je n'avais pas ce ^^ et maintenant toujours. Mais si c'est
le seul désagrément ce n'est pas si grave, savez vous s'il peut y avoir
d'autres dommages ?

"joke0" a écrit dans le message de
news:

Salut,

Domi:
Je veux bien que tu me l'envoies c'est sympa.

Je n'ai rien vu de spécial qui corresponde à un ver. A moins qu'il
ne s'agisse d'un virus, c'est probablement un bug d'un logiciel
(j'en est retiré 1 un peu compromettant ;-)

StartupList report, 27/11/2003, 12:12:54
StartupList version: 1.52
Started from : C:TELECHARGEMENTSTARTUPLIST.EXE
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
================================================= >
Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE

Normal

C:WINDOWSSYSTEMSSDPSRV.EXE

Relatif à Universal Plug and Play (UPnP) à désactiver

C:PROGRAM FILESKERIOPERSONAL FIREWALLPERSFW.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCIOMON.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003TMPROXY.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSTASKMON.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMSYSTRAY.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMIRMON.EXE

A à voir avec un éventuel port infra-rouge.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:PROGRAM FILESSYNAPTICSSYNTPSYNTPLPR.EXE
C:PROGRAM FILESSYNAPTICSSYNTPSYNTPENH.EXE
C:PROGRAM FILESASUSPROBEASUSPROB.EXE
C:PROGRAM FILESASUSASUS HOTKEYVCONTROL.EXE
C:PROGRAM FILESIOMEGADRIVEICONSIMGICON.EXE
C:WINDOWSLOADQM.EXE

Relatif au logiciel Microsoft MSN Explorer.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:WINDOWSSYSTEMWMIEXE.EXE

inutile: à désactiver

C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCGUIDE.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCCLIENT.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003POP3TRAP.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE

cf LOADQM.EXE

C:PROGRAM FILESASUSASUS HOTKEYHOTKEY.EXE
C:PROGRAM FILESSAGEMSAGEM 800-840DSLMON.EXE
C:PROGRAM FILESATNOTESATNOTES.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:TELECHARGEMENTSTARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:WINDOWSMenu DémarrerProgrammesDémarrage]
ASUS Hotkey.lnk = C:Program FilesASUSAsus HotkeyHotkey.exe
DSLMON.lnk = C:Program FilesSAGEMSAGEM 800-840dslmon.exe
ATnotes.lnk = C:Program FilesATnotesATnotes.exe
Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun

ScanRegistry = C:WINDOWSscanregw.exe /autorun
TaskMonitor = C:WINDOWStaskmon.exe
PCHealth = C:WINDOWSPCHealthSupportPCHSchd.exe -s
SystemTray = SysTray.Exe
IrMon = irmon.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SynTPLpr = C:Program FilesSynapticsSynTPSynTPLpr.exe
SynTPEnh = C:Program FilesSynapticsSynTPSynTPEnh.exe
ASUS Probe = C:Program FilesASUSProbeAsusProb.exe
AHotkey = C:Program FilesAsusAsus Hotkeyvcontrol.exe
autoclk = autoclk.exe
Iomega Startup Options = C:Program FilesIomegaCommonImgStart.exe
Iomega Drive Icons = C:Program FilesIomegaDriveIconsImgIcon.exe
LoadQM = loadqm.exe
InCD = C:Program FilesAheadInCDInCD.exe
pccguide.exe = "C:Program FilesTrend MicroPC-cillin 2003pccguide.exe"
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
PCCClient.exe = "C:Program FilesTrend MicroPC-cillin
2003PCCClient.exe"

Pop3trap.exe = "C:Program FilesTrend MicroPC-cillin 2003Pop3trap.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
SSDPSRV = C:WINDOWSSYSTEMssdpsrv.exe
*StateMgr = C:WINDOWSSystemRestoreStateMgr.exe
PersFw = "C:Program FilesKerioPersonal Firewallpersfw.exe" /hide
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
tmproxy = C:Program FilesTrend MicroPC-cillin 2003tmproxy.exe

--------------------------------------------------

Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun

MsnMsgr = "C:Program FilesMSN MessengerMsnMsgr.Exe" /background

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOTscrfileshellopencommand

(Default) = "%1" %*

--------------------------------------------------

Shell & screensaver key from C:WINDOWSSYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE > drivers=mmsystem.dll power.drv

--------------------------------------------------

C:WINDOWSWININIT.BAK listing:
(Created 27/11/2003, 11:19:36)

[rename]
NUL=C:WINDOWSBJDELDIR.EXE
NUL=C:WINDOWSSYSTEMCJSTR47.EXE

--------------------------------------------------

C:AUTOEXEC.BAT listing:

SET windir=C:WINDOWS
SET winbootdir=C:WINDOWS
SET COMSPEC=C:WINDOWSCOMMAND.COM
SET PATH=C:WINDOWS;C:WINDOWSCOMMAND
SET PROMPT=$p$g
SET TEMP=C:WINDOWSTEMP
SET TMP=C:WINDOWSTEMP

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - c:program filesgooglegoogletoolbar1.dll -
{AA58ED58-01DD-4d91-8333-

CF10577473F7}
(no name) - C:PROGRAM FILESADOBEACROBAT
6.0READERACTIVEXACROIEHELPER.DLL -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
(no name) - (no file) - {549B5CA7-4A86-11D7-A4DF-000874180BB3}
(no name) - C:PROGRA~1SPYBOT~1SDHELPER.DLL - {53707962-6F74-2D53-2644-
206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Démarrage du programme de réglages.job
Planificateur pour la collecte de données PCHealth.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:WINDOWSSYSTEMMACROMEDFLASHFLASH.OCX
CODEBASE http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[Update Class]
InProcServer32 = C:WINDOWSSYSTEMIUCTL.DLL
CODEBASE >
http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37951.4769444444

[HouseCall Control]
InProcServer32 = C:WINDOWSDOWNLO~1XSCAN53.OCX
CODEBASE >
http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.

cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #2: C:WINDOWSsystem32wspirda.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:WINDOWSSYSTEMWEBCHECK.DLL
UPnPMonitor: C:WINDOWSSYSTEMUPNPUI.DLL
AUHook: C:WINDOWSSYSTEMAUHOOK.DLL

--
joke0

Merci, mais avant je n'avais pas ce ^^ et maintenant toujours. Mais si c'est
le seul désagrément ce n'est pas si grave, savez vous s'il peut y avoir
d'autres dommages ?

"joke0" <joke0NOSWEN@tiscali.fr> a écrit dans le message de
news:XnF94411A1045A5Cjoke0@127.0.0.1...

Salut,

Domi:

Je veux bien que tu me l'envoies c'est sympa.

Je n'ai rien vu de spécial qui corresponde à un ver. A moins qu'il
ne s'agisse d'un virus, c'est probablement un bug d'un logiciel
(j'en est retiré 1 un peu compromettant ;-)

StartupList report, 27/11/2003, 12:12:54
StartupList version: 1.52
Started from : C:TELECHARGEMENTSTARTUPLIST.EXE
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
================================================= >
Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE

Normal

C:WINDOWSSYSTEMSSDPSRV.EXE

Relatif à Universal Plug and Play (UPnP) à désactiver

C:PROGRAM FILESKERIOPERSONAL FIREWALLPERSFW.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCIOMON.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003TMPROXY.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSTASKMON.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMSYSTRAY.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMIRMON.EXE

A à voir avec un éventuel port infra-rouge.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:PROGRAM FILESSYNAPTICSSYNTPSYNTPLPR.EXE
C:PROGRAM FILESSYNAPTICSSYNTPSYNTPENH.EXE
C:PROGRAM FILESASUSPROBEASUSPROB.EXE
C:PROGRAM FILESASUSASUS HOTKEYVCONTROL.EXE
C:PROGRAM FILESIOMEGADRIVEICONSIMGICON.EXE
C:WINDOWSLOADQM.EXE

Relatif au logiciel Microsoft MSN Explorer.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:WINDOWSSYSTEMWMIEXE.EXE

inutile: à désactiver

C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCGUIDE.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCCLIENT.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003POP3TRAP.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE

cf LOADQM.EXE

C:PROGRAM FILESASUSASUS HOTKEYHOTKEY.EXE
C:PROGRAM FILESSAGEMSAGEM F@ST 800-840DSLMON.EXE
C:PROGRAM FILESATNOTESATNOTES.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:TELECHARGEMENTSTARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:WINDOWSMenu DémarrerProgrammesDémarrage]
ASUS Hotkey.lnk = C:Program FilesASUSAsus HotkeyHotkey.exe
DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
ATnotes.lnk = C:Program FilesATnotesATnotes.exe
Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun

ScanRegistry = C:WINDOWSscanregw.exe /autorun
TaskMonitor = C:WINDOWStaskmon.exe
PCHealth = C:WINDOWSPCHealthSupportPCHSchd.exe -s
SystemTray = SysTray.Exe
IrMon = irmon.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SynTPLpr = C:Program FilesSynapticsSynTPSynTPLpr.exe
SynTPEnh = C:Program FilesSynapticsSynTPSynTPEnh.exe
ASUS Probe = C:Program FilesASUSProbeAsusProb.exe
AHotkey = C:Program FilesAsusAsus Hotkeyvcontrol.exe
autoclk = autoclk.exe
Iomega Startup Options = C:Program FilesIomegaCommonImgStart.exe
Iomega Drive Icons = C:Program FilesIomegaDriveIconsImgIcon.exe
LoadQM = loadqm.exe
InCD = C:Program FilesAheadInCDInCD.exe
pccguide.exe = "C:Program FilesTrend MicroPC-cillin 2003pccguide.exe"
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
PCCClient.exe = "C:Program FilesTrend MicroPC-cillin
2003PCCClient.exe"

Pop3trap.exe = "C:Program FilesTrend MicroPC-cillin 2003Pop3trap.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
SSDPSRV = C:WINDOWSSYSTEMssdpsrv.exe
*StateMgr = C:WINDOWSSystemRestoreStateMgr.exe
PersFw = "C:Program FilesKerioPersonal Firewallpersfw.exe" /hide
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
tmproxy = C:Program FilesTrend MicroPC-cillin 2003tmproxy.exe

--------------------------------------------------

Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun

MsnMsgr = "C:Program FilesMSN MessengerMsnMsgr.Exe" /background

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOTscrfileshellopencommand

(Default) = "%1" %*

--------------------------------------------------

Shell & screensaver key from C:WINDOWSSYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE > drivers=mmsystem.dll power.drv

--------------------------------------------------

C:WINDOWSWININIT.BAK listing:
(Created 27/11/2003, 11:19:36)

[rename]
NUL=C:WINDOWSBJDELDIR.EXE
NUL=C:WINDOWSSYSTEMCJSTR47.EXE

--------------------------------------------------

C:AUTOEXEC.BAT listing:

SET windir=C:WINDOWS
SET winbootdir=C:WINDOWS
SET COMSPEC=C:WINDOWSCOMMAND.COM
SET PATH=C:WINDOWS;C:WINDOWSCOMMAND
SET PROMPT=$p$g
SET TEMP=C:WINDOWSTEMP
SET TMP=C:WINDOWSTEMP

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - c:program filesgooglegoogletoolbar1.dll -
{AA58ED58-01DD-4d91-8333-

CF10577473F7}
(no name) - C:PROGRAM FILESADOBEACROBAT
6.0READERACTIVEXACROIEHELPER.DLL -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
(no name) - (no file) - {549B5CA7-4A86-11D7-A4DF-000874180BB3}
(no name) - C:PROGRA~1SPYBOT~1SDHELPER.DLL - {53707962-6F74-2D53-2644-
206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Démarrage du programme de réglages.job
Planificateur pour la collecte de données PCHealth.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:WINDOWSSYSTEMMACROMEDFLASHFLASH.OCX
CODEBASE http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[Update Class]
InProcServer32 = C:WINDOWSSYSTEMIUCTL.DLL
CODEBASE >
http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37951.4769444444

[HouseCall Control]
InProcServer32 = C:WINDOWSDOWNLO~1XSCAN53.OCX
CODEBASE >
http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.

cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #2: C:WINDOWSsystem32wspirda.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:WINDOWSSYSTEMWEBCHECK.DLL
UPnPMonitor: C:WINDOWSSYSTEMUPNPUI.DLL
AUHook: C:WINDOWSSYSTEMAUHOOK.DLL

--
joke0

Vous avez filtré cet utilisateur ! Consultez son message

Merci, mais avant je n'avais pas ce ^^ et maintenant toujours. Mais si c'est
le seul désagrément ce n'est pas si grave, savez vous s'il peut y avoir
d'autres dommages ?

"joke0" a écrit dans le message de
news:

Salut,

Domi:
Je veux bien que tu me l'envoies c'est sympa.

Je n'ai rien vu de spécial qui corresponde à un ver. A moins qu'il
ne s'agisse d'un virus, c'est probablement un bug d'un logiciel
(j'en est retiré 1 un peu compromettant ;-)

StartupList report, 27/11/2003, 12:12:54
StartupList version: 1.52
Started from : C:TELECHARGEMENTSTARTUPLIST.EXE
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
================================================= >
Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE

Normal

C:WINDOWSSYSTEMSSDPSRV.EXE

Relatif à Universal Plug and Play (UPnP) à désactiver

C:PROGRAM FILESKERIOPERSONAL FIREWALLPERSFW.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCIOMON.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003TMPROXY.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSTASKMON.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMSYSTRAY.EXE

Amha, aucun intérêt à le laisser actif

C:WINDOWSSYSTEMIRMON.EXE

A à voir avec un éventuel port infra-rouge.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:PROGRAM FILESSYNAPTICSSYNTPSYNTPLPR.EXE
C:PROGRAM FILESSYNAPTICSSYNTPSYNTPENH.EXE
C:PROGRAM FILESASUSPROBEASUSPROB.EXE
C:PROGRAM FILESASUSASUS HOTKEYVCONTROL.EXE
C:PROGRAM FILESIOMEGADRIVEICONSIMGICON.EXE
C:WINDOWSLOADQM.EXE

Relatif au logiciel Microsoft MSN Explorer.
Si vous ne l'utilisez pas, empêchez-le de démarrer

C:WINDOWSSYSTEMWMIEXE.EXE

inutile: à désactiver

C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCGUIDE.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003PCCCLIENT.EXE
C:PROGRAM FILESTREND MICROPC-CILLIN 2003POP3TRAP.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE

cf LOADQM.EXE

C:PROGRAM FILESASUSASUS HOTKEYHOTKEY.EXE
C:PROGRAM FILESSAGEMSAGEM 800-840DSLMON.EXE
C:PROGRAM FILESATNOTESATNOTES.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:TELECHARGEMENTSTARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:WINDOWSMenu DémarrerProgrammesDémarrage]
ASUS Hotkey.lnk = C:Program FilesASUSAsus HotkeyHotkey.exe
DSLMON.lnk = C:Program FilesSAGEMSAGEM 800-840dslmon.exe
ATnotes.lnk = C:Program FilesATnotesATnotes.exe
Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun

ScanRegistry = C:WINDOWSscanregw.exe /autorun
TaskMonitor = C:WINDOWStaskmon.exe
PCHealth = C:WINDOWSPCHealthSupportPCHSchd.exe -s
SystemTray = SysTray.Exe
IrMon = irmon.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SynTPLpr = C:Program FilesSynapticsSynTPSynTPLpr.exe
SynTPEnh = C:Program FilesSynapticsSynTPSynTPEnh.exe
ASUS Probe = C:Program FilesASUSProbeAsusProb.exe
AHotkey = C:Program FilesAsusAsus Hotkeyvcontrol.exe
autoclk = autoclk.exe
Iomega Startup Options = C:Program FilesIomegaCommonImgStart.exe
Iomega Drive Icons = C:Program FilesIomegaDriveIconsImgIcon.exe
LoadQM = loadqm.exe
InCD = C:Program FilesAheadInCDInCD.exe
pccguide.exe = "C:Program FilesTrend MicroPC-cillin 2003pccguide.exe"
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
PCCClient.exe = "C:Program FilesTrend MicroPC-cillin
2003PCCClient.exe"

Pop3trap.exe = "C:Program FilesTrend MicroPC-cillin 2003Pop3trap.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
SSDPSRV = C:WINDOWSSYSTEMssdpsrv.exe
*StateMgr = C:WINDOWSSystemRestoreStateMgr.exe
PersFw = "C:Program FilesKerioPersonal Firewallpersfw.exe" /hide
PCCIOMON.exe = "C:Program FilesTrend MicroPC-cillin 2003PCCIOMON.exe"
tmproxy = C:Program FilesTrend MicroPC-cillin 2003tmproxy.exe

--------------------------------------------------

Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun

MsnMsgr = "C:Program FilesMSN MessengerMsnMsgr.Exe" /background

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOTscrfileshellopencommand

(Default) = "%1" %*

--------------------------------------------------

Shell & screensaver key from C:WINDOWSSYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE > drivers=mmsystem.dll power.drv

--------------------------------------------------

C:WINDOWSWININIT.BAK listing:
(Created 27/11/2003, 11:19:36)

[rename]
NUL=C:WINDOWSBJDELDIR.EXE
NUL=C:WINDOWSSYSTEMCJSTR47.EXE

--------------------------------------------------

C:AUTOEXEC.BAT listing:

SET windir=C:WINDOWS
SET winbootdir=C:WINDOWS
SET COMSPEC=C:WINDOWSCOMMAND.COM
SET PATH=C:WINDOWS;C:WINDOWSCOMMAND
SET PROMPT=$p$g
SET TEMP=C:WINDOWSTEMP
SET TMP=C:WINDOWSTEMP

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - c:program filesgooglegoogletoolbar1.dll -
{AA58ED58-01DD-4d91-8333-

CF10577473F7}
(no name) - C:PROGRAM FILESADOBEACROBAT
6.0READERACTIVEXACROIEHELPER.DLL -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
(no name) - (no file) - {549B5CA7-4A86-11D7-A4DF-000874180BB3}
(no name) - C:PROGRA~1SPYBOT~1SDHELPER.DLL - {53707962-6F74-2D53-2644-
206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Démarrage du programme de réglages.job
Planificateur pour la collecte de données PCHealth.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:WINDOWSSYSTEMMACROMEDFLASHFLASH.OCX
CODEBASE http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[Update Class]
InProcServer32 = C:WINDOWSSYSTEMIUCTL.DLL
CODEBASE >
http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37951.4769444444

[HouseCall Control]
InProcServer32 = C:WINDOWSDOWNLO~1XSCAN53.OCX
CODEBASE >
http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.

cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #2: C:WINDOWSsystem32wspirda.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:WINDOWSSYSTEMWEBCHECK.DLL
UPnPMonitor: C:WINDOWSSYSTEMUPNPUI.DLL
AUHook: C:WINDOWSSYSTEMAUHOOK.DLL

--
joke0

joke0

28/11/2003 à 11:58

Salut,

[Fait attention à la façon dont tu composes tes messages, tu
viens de poster 250 dont 240 inutiles.]

Domi:

Merci, mais avant je n'avais pas ce ^^ et maintenant toujours.
Mais si c'est le seul désagrément ce n'est pas si grave, savez
vous s'il peut y avoir d'autres dommages ?

Il faut d'abord que tu arrives à dater l'apparition de ce
problème et que tu te rappelles les changement intervenus sur
ton pc (logiciels surtout, mise-à-jour).

--
joke0

Domi

28/11/2003 à 12:45

Je ne comprends pas ton message me disant de faire attention à ma façon de
composer les messages. Je fais simplement "répondre"
Merci

"joke0" a écrit dans le message de
news:

Salut,

[Fait attention à la façon dont tu composes tes messages, tu
viens de poster 250 dont 240 inutiles.]

Domi:
Merci, mais avant je n'avais pas ce ^^ et maintenant toujours.
Mais si c'est le seul désagrément ce n'est pas si grave, savez
vous s'il peut y avoir d'autres dommages ?

Il faut d'abord que tu arrives à dater l'apparition de ce
problème et que tu te rappelles les changement intervenus sur
ton pc (logiciels surtout, mise-à-jour).

--
joke0

Frederic Bonroy

28/11/2003 à 12:56

Je ne comprends pas ton message me disant de faire attention à ma façon de
composer les messages. Je fais simplement "répondre"

Justement - beaucoup de lecteurs de forums sont mal configurés
(d'avance) et Outlook Express n'est évidemment pas une exception. La
réponse au-dessus des citations est la plus facile, mais la moins
logique aussi. Après tout, on répond après une question, pas avant.

Postez donc en-dessous des citations, et ne citez que la partie du
message précédent à laquelle vous vous référez réellement. Par exemple
il est totalement inutile de citer la signature délimitée par les deux
tirets.

Faites comme moi quoi. ;-)

Bugbear ?

6 réponses

Veuillez sélectionner un problème