Aller au contenu

lesmonchs

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    4

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par lesmonchs

  1. lesmonchs
    Bonsoir Mr Ingals, Je t' écris via un vieux tromblon sur lequel j'au du réinstallé une connexion internet, en effet après avoir coché comme tu me l'avais prescrit les lignes ci dessous: O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm636YYFR et puis, le lendemain qd j'ai voulu consulter tes réponses, impossible de lancer mon Wifi, je l'ai donc désinstallé, et cela m'a désinstallé ma livebox et qd je veux la réinstallé avec le cd rom impossible, il se lance avec un message du style etude de votre systeme puis plus rien. mon fils me dis "formate" et moi je dis, zut, crotte, M...., pas vraiment envie ! voila, donc je viens de prendre connaissance de tes préconisations, je vais essayer....et puis on verra bien merci qd même dernier mot, merci pour ta patience même si je suis un peu long à répondre !
  2. lesmonchs
    Bonsoir, Mc afee me dit que le fichier où serait logé "pached function" est: Memory\ZwquerySystemeInformation ci dessous résultat de winPFin3u (qd je lance le 1 de Dialer, toujours la meme chose, rien ne se passe ) WinPFind3 logfile created on: 04/02/2007 19:19:09 WinPFind3U by OldTimer - Version 1.0.14 Folder = C:\Documents and Settings\PERSO\Bureau\WinPFind3u\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 6.0.2900.2180) 522672 Kb Total Physical Memory | 132556 Kb Available Physical Memory | 25,36% Memory free 1276860 Kb Paging File | 565356 Kb Available in Paging File | 44,28% Paging File free Paging file location(s): C:\pagefile.sys 768 1536; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29294492 Kb Total Space | 13008268 Kb Free Space | 44,41% Space Free D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded [Processes - Non-Microsoft Only] application launcher.exe -> %ProgramFiles%\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe -> Sony Ericsson Mobile Communications AB [Ver = 1.1.1.3 | Size = 159744 bytes | Modified Date = 26/10/2005 16:17:24 | Attr = R ] ati2evxx.exe -> %System32%\ati2evxx.exe -> [Ver = | Size = 323584 bytes | Modified Date = 29/07/2003 13:11:36 | Attr = ] ati2evxx.exe -> %System32%\ati2evxx.exe -> [Ver = | Size = 323584 bytes | Modified Date = 29/07/2003 13:11:36 | Attr = ] atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5028 | Size = 335872 bytes | Modified Date = 29/07/2003 12:30:00 | Attr = ] capabilitymanager.exe -> %CommonProgramFiles%\Teleca Shared\CapabilityManager.exe -> Teleca Software Solutions AB [Ver = 0.0.1.48 | Size = 278528 bytes | Modified Date = 08/06/2005 16:45:04 | Attr = ] dadapp.exe -> %ProgramFiles%\Dell\AccessDirect\DadApp.exe -> [Ver = | Size = 209800 bytes | Modified Date = 07/03/2003 11:36:30 | Attr = ] dit.exe -> %SystemRoot%\Dit.exe -> ICSI Technology Ltd. [Ver = V2.12.0805 | Size = 90112 bytes | Modified Date = 05/08/2004 19:28:42 | Attr = ] emproxy.exe -> %CommonProgramFiles%\McAfee\EmProxy\emproxy.exe -> McAfee, Inc. [Ver = 11,2,115,0 | Size = 337488 bytes | Modified Date = 28/10/2006 20:59:38 | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.1: 2006120418 | Size = 7620696 bytes | Modified Date = 13/12/2006 04:12:18 | Attr = ] ftrtsvc.exe -> %System32%\FTRTSVC.exe -> France Telecom [Ver = 11.0 (4) | Size = 40960 bytes | Modified Date = 23/08/2004 14:49:56 | Attr = ] generic.exe -> %CommonProgramFiles%\Teleca Shared\Generic.exe -> Teleca Software Solutions [Ver = 1, 0, 3, 2 | Size = 385024 bytes | Modified Date = 10/08/2005 07:54:34 | Attr = R ] hwapi.exe -> %CommonProgramFiles%\McAfee\HackerWatch\HWAPI.exe -> McAfee, Inc. [Ver = 8.1.105.0 | Size = 554600 bytes | Modified Date = 08/11/2006 13:18:42 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 09/11/2006 15:07:30 | Attr = ] mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> McAfee, Inc. [Ver = 7,1,133,0 | Size = 566872 bytes | Modified Date = 27/10/2006 15:23:42 | Attr = ] mcinfo.exe -> %ProgramFiles%\McAfee\MSC\mcinfo.exe -> McAfee, Inc. [Ver = 7,1,128,0 | Size = 525912 bytes | Modified Date = 25/10/2006 15:08:08 | Attr = ] mclogsrv.exe -> %ProgramFiles%\McAfee\MSC\mclogsrv.exe -> McAfee, Inc. [Ver = 7,1,131,0 | Size = 178264 bytes | Modified Date = 26/10/2006 18:22:00 | Attr = ] mcnasvc.exe -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> McAfee, Inc. [Ver = 1,1,110,0 | Size = 2213416 bytes | Modified Date = 07/11/2006 10:44:16 | Attr = ] mcods.exe -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> McAfee, Inc. [Ver = 11,1,124,0 | Size = 362064 bytes | Modified Date = 30/10/2006 17:20:26 | Attr = ] mcpromgr.exe -> %ProgramFiles%\McAfee\MSC\mcpromgr.exe -> McAfee, Inc. [Ver = 7,1,131,0 | Size = 485464 bytes | Modified Date = 26/10/2006 18:21:30 | Attr = ] mcshield.exe -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> McAfee, Inc. [Ver = VSCORE.13.3.0.132.x86 | Size = 144960 bytes | Modified Date = 26/10/2006 09:55:50 | Attr = ] mcsysmon.exe -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> McAfee, Inc. [Ver = 11,1,125,0 | Size = 624720 bytes | Modified Date = 10/11/2006 15:18:12 | Attr = ] mctskshd.exe -> %ProgramFiles%\McAfee\MSC\mctskshd.exe -> McAfee, Inc. [Ver = 7,1,133,0 | Size = 189528 bytes | Modified Date = 27/10/2006 15:24:28 | Attr = ] mcuimgr.exe -> %ProgramFiles%\McAfee\MSC\mcuimgr.exe -> McAfee, Inc. [Ver = 7,1,128,0 | Size = 251480 bytes | Modified Date = 25/10/2006 15:08:46 | Attr = ] mcupdmgr.exe -> %ProgramFiles%\McAfee\MSC\mcupdmgr.exe -> McAfee, Inc. [Ver = 7,1,128,0 | Size = 677464 bytes | Modified Date = 25/10/2006 15:09:04 | Attr = ] mcusrmgr.exe -> %ProgramFiles%\McAfee\MSC\mcusrmgr.exe -> McAfee, Inc. [Ver = 7,1,131,0 | Size = 321112 bytes | Modified Date = 26/10/2006 18:21:54 | Attr = ] mcvsshld.exe -> %ProgramFiles%\McAfee\VirusScan\mcvsshld.exe -> McAfee, Inc. [Ver = 11,1,124,0 | Size = 370256 bytes | Modified Date = 30/10/2006 17:20:24 | Attr = ] monitor.exe -> %CommonProgramFiles%\Ulead Systems\AutoDetector\Monitor.exe -> Ulead Systems, Inc. [Ver = 2.0.0.0 | Size = 90112 bytes | Modified Date = 27/08/2004 19:22:38 | Attr = ] mpfsrv.exe -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> McAfee, Inc. [Ver = 8.1.123.0 | Size = 833064 bytes | Modified Date = 10/11/2006 14:50:48 | Attr = ] mscifapp.exe -> %ProgramFiles%\McAfee.com\MPS\mscifapp.exe -> McAfee, Inc [Ver = 7.1.1.46 | Size = 274432 bytes | Modified Date = 24/05/2005 15:50:24 | Attr = ] mskagent.exe -> %ProgramFiles%\McAfee\SpamKiller\MSKAgent.exe -> McAfee Inc. [Ver = 7.0.2.0 | Size = 110592 bytes | Modified Date = 09/11/2005 14:01:00 | Attr = ] msksrvr.exe -> %ProgramFiles%\McAfee\SpamKiller\MSKSrvr.exe -> McAfee Inc. [Ver = 7.0.1.3 | Size = 963072 bytes | Modified Date = 12/07/2005 17:10:18 | Attr = ] msn pictures displayer.exe -> %ProgramFiles%\MSN Pictures Displayer\MSN Pictures Displayer.exe -> [Ver = 4.2.0.0 | Size = 4116992 bytes | Modified Date = 08/01/2007 13:20:52 | Attr = ] redirsvc.exe -> %CommonProgramFiles%\McAfee\RedirSvc\RedirSvc.exe -> McAfee, Inc. [Ver = 1,1,116,0 | Size = 239200 bytes | Modified Date = 02/11/2006 12:29:40 | Attr = ] siteadv.exe -> %ProgramFiles%\SiteAdvisor\4608\SiteAdv.exe -> McAfee, Inc. [Ver = 1.6.0.23 | Size = 35416 bytes | Modified Date = 10/08/2006 20:38:30 | Attr = ] syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 7.5.7 02May03 | Size = 610304 bytes | Modified Date = 02/05/2003 16:15:44 | Attr = ] syntplpr.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> Synaptics, Inc. [Ver = 7.5.7 02May03 | Size = 110592 bytes | Modified Date = 02/05/2003 16:21:48 | Attr = ] taskbaricon.exe -> %ProgramFiles%\Wanadoo\TaskBarIcon.exe -> France Télécom R&D [Ver = 5.9 (1) | Size = 61440 bytes | Modified Date = 05/10/2004 16:00:12 | Attr = ] version traduite originale.exe -> %ProgramFiles%\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE -> Soeperman Enterprises Ltd. [Ver = 1.99.0001 | Size = 220160 bytes | Modified Date = 03/03/2005 18:36:58 | Attr = ] vsnpstd.exe -> %SystemRoot%\vsnpstd.exe -> [Ver = 1, 0, 0, 4 | Size = 40960 bytes | Modified Date = 31/12/2003 16:39:04 | Attr = ] winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.14.0 | Size = 308224 bytes | Modified Date = 03/02/2007 15:49:48 | Attr = ] wlancfg.exe -> %ProgramFiles%\Inventel\Gateway\WLANCFG.EXE -> Inventel [Ver = 4, 0, 0, 0 | Size = 1466368 bytes | Modified Date = 04/02/2005 14:47:58 | Attr = ] [Win32 Services - Non-Microsoft Only] (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> [Ver = | Size = 323584 bytes | Modified Date = 29/07/2003 13:11:36 | Attr = ] (dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 20/08/2004 00:09:52 | Attr = ] (Emproxy) McAfee E-mail Proxy [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\McAfee\EmProxy\emproxy.exe -> McAfee, Inc. [Ver = 11,2,115,0 | Size = 337488 bytes | Modified Date = 28/10/2006 20:59:38 | Attr = ] (FTRTSVC) France Telecom Routing Table Service [Win32_Own | Auto | Running] -> %System32%\FTRTSVC.exe -> France Telecom [Ver = 11.0 (4) | Size = 40960 bytes | Modified Date = 23/08/2004 14:49:56 | Attr = ] (McAfee HackerWatch Service) McAfee HackerWatch Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\HackerWatch\HWAPI.exe -> McAfee, Inc. [Ver = 8.1.105.0 | Size = 554600 bytes | Modified Date = 08/11/2006 13:18:42 | Attr = ] (McLogManagerService) McAfee Log Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mclogsrv.exe -> McAfee, Inc. [Ver = 7,1,131,0 | Size = 178264 bytes | Modified Date = 26/10/2006 18:22:00 | Attr = ] (mcmispupdmgr) McAfee Update Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcupdmgr.exe -> McAfee, Inc. [Ver = 7,1,128,0 | Size = 677464 bytes | Modified Date = 25/10/2006 15:09:04 | Attr = ] (McNASvc) McAfee Network Agent [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> McAfee, Inc. [Ver = 1,1,110,0 | Size = 2213416 bytes | Modified Date = 07/11/2006 10:44:16 | Attr = ] (McODS) McAfee Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> McAfee, Inc. [Ver = 11,1,124,0 | Size = 362064 bytes | Modified Date = 30/10/2006 17:20:26 | Attr = ] (mcpromgr) McAfee Protection Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcpromgr.exe -> McAfee, Inc. [Ver = 7,1,131,0 | Size = 485464 bytes | Modified Date = 26/10/2006 18:21:30 | Attr = ] (McRedirector) McAfee Redirector Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\RedirSvc\RedirSvc.exe -> McAfee, Inc. [Ver = 1,1,116,0 | Size = 239200 bytes | Modified Date = 02/11/2006 12:29:40 | Attr = ] (McShield) McAfee Real-time Scanner [Win32_Own | Unknown | Running] -> -> File not found (McSysmon) McAfee SystemGuards [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> McAfee, Inc. [Ver = 11,1,125,0 | Size = 624720 bytes | Modified Date = 10/11/2006 15:18:12 | Attr = ] (McTskshd.exe) McAfee Task Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mctskshd.exe -> McAfee, Inc. [Ver = 7,1,133,0 | Size = 189528 bytes | Modified Date = 27/10/2006 15:24:28 | Attr = ] (mcusrmgr) McAfee User Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcusrmgr.exe -> McAfee, Inc. [Ver = 7,1,131,0 | Size = 321112 bytes | Modified Date = 26/10/2006 18:21:54 | Attr = ] (MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> McAfee, Inc. [Ver = 8.1.123.0 | Size = 833064 bytes | Modified Date = 10/11/2006 14:50:48 | Attr = ] (MskService) McAfee SpamKiller Server [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\SpamKiller\MSKSrvr.exe -> McAfee Inc. [Ver = 7.0.1.3 | Size = 963072 bytes | Modified Date = 12/07/2005 17:10:18 | Attr = ] (Wlancfg) Service de lancement de WlanCfg [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Inventel\Gateway\WLANCFG.EXE -> Inventel [Ver = 4, 0, 0, 0 | Size = 1466368 bytes | Modified Date = 04/02/2005 14:47:58 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found ATIModeChange -> %System32%\Ati2mdxx.exe -> ATI Technologies, Inc. [Ver = 4.13.3 | Size = 28672 bytes | Modified Date = 04/09/2001 15:24:26 | Attr = ] ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5028 | Size = 335872 bytes | Modified Date = 29/07/2003 12:30:00 | Attr = ] DadApp -> %ProgramFiles%\Dell\AccessDirect\DadApp.exe -> [Ver = | Size = 209800 bytes | Modified Date = 07/03/2003 11:36:30 | Attr = ] Dit -> %SystemRoot%\Dit.exe -> ICSI Technology Ltd. [Ver = V2.12.0805 | Size = 90112 bytes | Modified Date = 05/08/2004 19:28:42 | Attr = ] MPSExe -> %ProgramFiles%\McAfee.com\MPS\mscifapp.exe -> McAfee, Inc [Ver = 7.1.1.46 | Size = 274432 bytes | Modified Date = 24/05/2005 15:50:24 | Attr = ] MSKAGENTEXE -> %ProgramFiles%\McAfee\SpamKiller\MSKAgent.exe -> McAfee Inc. [Ver = 7.0.2.0 | Size = 110592 bytes | Modified Date = 09/11/2005 14:01:00 | Attr = ] MSKDetectorExe -> %ProgramFiles%\McAfee\SpamKiller\MSKDetct.exe -> McAfee, Inc. [Ver = 7.0.2.5 | Size = 1121280 bytes | Modified Date = 07/11/2006 14:49:50 | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 05/03/2006 15:47:54 | Attr = ] RoxioAudioCentral -> %ProgramFiles%\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe -> Roxio, Inc. [Ver = 1.0.117 | Size = 253952 bytes | Modified Date = 26/02/2003 15:50:08 | Attr = ] RoxioDragToDisc -> %ProgramFiles%\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe -> Roxio [Ver = 6.0.0.209 | Size = 757760 bytes | Modified Date = 27/02/2003 03:36:06 | Attr = ] RoxioEngineUtility -> %CommonProgramFiles%\Roxio Shared\System\EngUtil.exe -> Roxio [Ver = 6.0.0.3 | Size = 69632 bytes | Modified Date = 27/02/2003 04:31:24 | Attr = ] snpstd -> %SystemRoot%\vsnpstd.exe -> [Ver = 1, 0, 0, 4 | Size = 40960 bytes | Modified Date = 31/12/2003 16:39:04 | Attr = ] Sony Ericsson PC Suite -> %ProgramFiles%\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe -> Sony Ericsson Mobile Communications AB [Ver = 1.1.1.3 | Size = 159744 bytes | Modified Date = 26/10/2005 16:17:24 | Attr = R ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 09/11/2006 15:07:30 | Attr = ] SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 7.5.7 02May03 | Size = 610304 bytes | Modified Date = 02/05/2003 16:15:44 | Attr = ] SynTPLpr -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> Synaptics, Inc. [Ver = 7.5.7 02May03 | Size = 110592 bytes | Modified Date = 02/05/2003 16:21:48 | Attr = ] Ulead AutoDetector v2 -> %CommonProgramFiles%\Ulead Systems\AutoDetector\Monitor.exe -> Ulead Systems, Inc. [Ver = 2.0.0.0 | Size = 90112 bytes | Modified Date = 27/08/2004 19:22:38 | Attr = ] WOOTASKBARICON -> %SystemDrive%\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe -> File not found WOOWATCH -> %ProgramFiles%\Wanadoo\Watch.exe -> France Télécom R&D [Ver = 11.0 (2) | Size = 20480 bytes | Modified Date = 23/08/2004 13:49:56 | Attr = ] < OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ IMAIL -> Installed = 1 -> MAPI -> Installed = 1 -> MSFS -> Installed = 1 -> < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} -> %CommonProgramFiles%\Ahead\lib\NMBgMonitor.exe -> File not found MailSkinner -> %ProgramFiles%\mailskinner\mailskinner.exe -> File not found MSKAGENTEXE -> %ProgramFiles%\McAfee\SpamKiller\MSKAgent.exe -> McAfee Inc. [Ver = 7.0.2.0 | Size = 110592 bytes | Modified Date = 09/11/2005 14:01:00 | Attr = ] WOOKIT -> %ProgramFiles%\Wanadoo\Shell.exe -> [Ver = 10.0 (63) | Size = 122880 bytes | Modified Date = 23/08/2004 13:50:00 | Attr = ] < Common Startup > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage %AllUsersStartup%\DVD@ccess.lnk -> %ProgramFiles%\Apple Computer\DVD@ccess\DVDAccess.exe -> Apple Computer [Ver = 1, 5, 0, 0 | Size = 884736 bytes | Modified Date = 19/03/2002 20:38:36 | Attr = ] < User Startup > -> C:\Documents and Settings\PERSO\Menu Démarrer\Programmes\Démarrage %UserStartup%\ADILOOK Français sur disque C.LNK -> %SystemDrive%\COKTEL\ADI4OEMP\ADILOOK.EXE -> [Ver = | Size = 187904 bytes | Modified Date = 05/09/1997 14:51:44 | Attr = ] %UserStartup%\MSN Pictures Displayer.lnk -> %ProgramFiles%\MSN Pictures Displayer\MSN Pictures Displayer.exe -> [Ver = 4.2.0.0 | Size = 4116992 bytes | Modified Date = 08/01/2007 13:20:52 | Attr = ] %UserStartup%\UltimateZip Quick Start.lnk -> %ProgramFiles%\UltimateZip 2007\uzqkst.exe -> SWE von Schleusen [Ver = 3.1.0.0 | Size = 325120 bytes | Modified Date = 06/08/2006 03:11:44 | Attr = ] < Registry Shell Spawning > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command http [open] -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.1: 2006120418 | Size = 7620696 bytes | Modified Date = 13/12/2006 04:12:18 | Attr = ] https [open] -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.1: 2006120418 | Size = 7620696 bytes | Modified Date = 13/12/2006 04:12:18 | Attr = ] regfile [merge] -> Reg Data - Key not found -> scrfile [open] -> "%1" /S -> scrfile [config] -> "%1" -> *Command* -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lnk\ShellNew\\Command -> NewLinkHere -> -> File not found %1 -> -> File not found *Command* -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bfc\ShellNew\\Command -> Briefcase_Create -> -> File not found %2!d! -> -> File not found %1 -> -> File not found < ActiveX StubPath [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -> -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -> {44BBA840-CC51-11CF-AAFA-00AA00B6015C} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT -> {5945c046-1e7d-11d1-bc44-00c04fd912be} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -> {6BF52A52-394A-11d3-B153-00C04F79FAA6} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub -> {73FA19D0-2D75-11D2-995D-00C04F98BBC9} -> -> {7790769C-0471-11d2-AF11-00C04FA35D02} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install -> {89820200-ECBD-11cf-8B85-00AA005B4340} -> regsvr32.exe /s /n /i:U shell32.dll -> {89820200-ECBD-11cf-8B85-00AA005B4383} -> %SystemRoot%\system32\ie4uinit.exe -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} -> C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -> >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP -> >{26923b43-4d38-484f-9b9e-de460746276c} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP -> >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE -> < WOW Command Line [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW *wowcmdline* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW\\wowcmdline -> -a -> -> File not found < Session Manager Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager BootExecute -> autocheck autochk *; -> < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> Control_RunDLL -> -> File not found < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon < Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ < Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> < Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> • -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. -> < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ 0 -> [Key] -> 0 -> FriendlyName = Ma page d'accueil -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts < Internet Explorer Settings > -> HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome -> HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKLM: Local Page -> %SystemRoot%\system32\blank.htm -> HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: SearchAssistant -> http://www.google.com/ie -> HKCU: Local Page -> C:\WINDOWS\system32\blank.htm -> HKCU: Search Bar -> http://www.google.com/ie -> HKCU: Search Page -> http://www.google.com -> HKCU: Start Page -> http://www.wanadoo.fr/ -> HKCU: SearchAssistant -> http://ie.search.msn.com/fr/srchasst/srchasst.htm -> HKCU: URLSearchHooks\\{08C06D61-F1F3-4799-86F8-BE1A89362C85} [HKLM] -> %ProgramFiles%\Wanadoo\SearchPageURL.dll [search Class] -> [Ver = 1, 0, 0, 1 | Size = 57344 bytes | Modified Date = 06/12/2004 14:27:48 | Attr = ] HKCU: ProxyEnable -> 0 -> < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ msn.com [ - ] -> -> < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 16/04/2001 14:39:02 | Attr = ] {089FD14D-132B-48FC-8861-0048AE113215} [HKLM] -> %ProgramFiles%\SiteAdvisor\4608\SiteAdv.dll [Reg Data - Value does not exist] -> McAfee, Inc. [Ver = 2.1.1.35 | Size = 1087064 bytes | Modified Date = 18/11/2006 13:46:34 | Attr = ] {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} [HKLM] -> %ProgramFiles%\McAfee.com\MPS\McBrHlpr.dll [McBrwHelper Class] -> McAfee, Inc [Ver = 7.1.1.46 | Size = 147456 bytes | Modified Date = 24/05/2005 15:52:20 | Attr = ] {3EC8255F-E043-4cae-8B3B-B191550C2A22} [HKLM] -> %ProgramFiles%\McAfee.com\MPS\popupkiller.dll [McAfee Privacy Service Popup Blocker] -> McAfee, Inc [Ver = 7.1.1.46 | Size = 126976 bytes | Modified Date = 24/05/2005 15:51:46 | Attr = ] {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} [HKLM] -> %ProgramFiles%\McAfee\spamkiller\McApfBHO.dll [McAfee AntiPhishing Filter] -> McAfee, Inc. [Ver = 7.0.2.3 | Size = 348160 bytes | Modified Date = 03/11/2005 14:10:32 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [sSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09/11/2006 15:21:52 | Attr = ] {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> %ProgramFiles%\McAfee\virusscan\scriptcl.dll [scriptproxy] -> McAfee, Inc. [Ver = VSCORE.13.3.0.132.x86 | Size = 67136 bytes | Modified Date = 26/10/2006 09:56:24 | Attr = ] {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 12/10/2006 10:38:04 | Attr = R ] < Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ {32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar {0BF43445-2F28-4351-9252-17FE6E806AA0} [HKLM] -> %ProgramFiles%\SiteAdvisor\4608\SiteAdv.dll [McAfee SiteAdvisor] -> McAfee, Inc. [Ver = 2.1.1.35 | Size = 1087064 bytes | Modified Date = 18/11/2006 13:46:34 | Attr = ] {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 12/10/2006 10:38:04 | Attr = R ] {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 04/08/2005 21:54:42 | Attr = ] < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ShellBrowser\\{74CC49F7-EB32-4A08-B204-948962A6E3DB} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 12/10/2006 10:38:04 | Attr = R ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 04/08/2005 21:54:42 | Attr = ] < Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8200 - Console Java (Sun) -> {1462651F-F4BA-4C76-A001-C4284D0FE16E} -> 8195 - Reg Data - Key not found -> {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} -> 8199 - McAfee AntiPhishing Filter -> {946B3E9E-E21A-49c8-9F63-900533FAFE14} -> 8196 - Reg Data - Key not found -> {946B3E9E-E21A-49c8-9F63-900533FAFE15} -> 8197 - Reg Data - Key not found -> {FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8193 - Reg Data - Key not found -> {FB5F1911-F110-11d2-BB9E-00C04F795683} -> 8198 - Reg Data - Key not found -> NextId -> 8201 -> < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\npjpi150_10.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 75528 bytes | Modified Date = 09/11/2006 15:21:54 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09/11/2006 15:21:52 | Attr = ] {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} [HKLM] -> %ProgramFiles%\McAfee\spamkiller\McApfBHO.dll [MenuText: McAfee AntiPhishing Filter] -> McAfee, Inc. [Ver = 7.0.2.3 | Size = 348160 bytes | Modified Date = 03/11/2005 14:10:32 | Attr = ] < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ &Search -> http:\bar.mywebsearch.com\menusearch.htm -> File not found E&xporter vers Microsoft Excel -> -> File not found < Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved {2F860D81-AF3C-11D4-BDB3-00E0987D8540} [HKLM] -> %ProgramFiles%\UltimateZip 2007\uzshlex.dll [ultimateZip Shell Extension] -> [Ver = | Size = 424448 bytes | Modified Date = 10/04/2005 04:16:20 | Attr = ] {2F860D82-AF3C-11D4-BDB3-00E0987D8540} [HKLM] -> %ProgramFiles%\UltimateZip 2007\uzshldr.dll [ultimateZip Drag Drop Handler] -> [Ver = | Size = 563200 bytes | Modified Date = 10/04/2005 06:06:18 | Attr = ] {A5110426-177D-4e08-AB3F-785F10B4439C} [HKLM] -> %ProgramFiles%\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll [Gestionnaire de fichiers Sony Ericsson] -> Sony Ericsson Mobile Communications AB [Ver = 1, 3, 11, 0 | Size = 397312 bytes | Modified Date = 14/03/2006 15:23:00 | Attr = R ] < ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\ {162EFDC5-2957-465D-887B-590AF4A7E84D} [HKLM] -> %ProgramFiles%\McAfee\VirusScan\mcodsax.dll [MCVSRIGHTCLICKSCANNER] -> McAfee, Inc. [Ver = 11,1,124,0 | Size = 198224 bytes | Modified Date = 30/10/2006 17:20:20 | Attr = ] {2F860D81-AF3C-11D4-BDB3-00E0987D8540} [HKLM] -> %ProgramFiles%\UltimateZip 2007\uzshlex.dll [ultimateZip] -> [Ver = | Size = 424448 bytes | Modified Date = 10/04/2005 04:16:20 | Attr = ] < ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\ {162EFDC5-2957-465D-887B-590AF4A7E84D} [HKLM] -> %ProgramFiles%\McAfee\VirusScan\mcodsax.dll [MCVSRIGHTCLICKSCANNER] -> McAfee, Inc. [Ver = 11,1,124,0 | Size = 198224 bytes | Modified Date = 30/10/2006 17:20:20 | Attr = ] {2F860D81-AF3C-11D4-BDB3-00E0987D8540} [HKLM] -> %ProgramFiles%\UltimateZip 2007\uzshlex.dll [ultimateZip] -> [Ver = | Size = 424448 bytes | Modified Date = 10/04/2005 04:16:20 | Attr = ] < User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform SV1 -> -> < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ {0A604707-A179-471D-A460-13147F1CDD21} -> (802.11g USB 2.0 adapter) -> {2D6336D4-23AE-497F-81EA-C18CCA86FE69} -> () -> {5E0F4F78-8A29-4C6D-92A2-B37C5E9B8B65} -> (802.11g USB 2.0 adapter) -> {6734F6A9-EA4F-4373-946E-9F6CEB0F6345} -> (Broadcom 440x 10/100 Integrated Controller) -> {B40F6BD8-31EC-4CA8-9E02-FC7626A0069C} -> (Carte réseau 1394) -> {E2420C4D-8693-4506-8EB0-2F2A2E0FF6C1} -> (Broadcom 440x 10/100 Integrated Controller) -> {E59DEE3A-994F-4179-95EC-D8C3F3C8F458} -> (802.11g USB 2.0 adapter) -> {FD687EED-3958-4E61-816C-DF1ECAB7827D} -> (Carte réseau 1394) -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found siteadvisor -> %ProgramFiles%\SiteAdvisor\4608\SiteAdv.dll -> McAfee, Inc. [Ver = 2.1.1.35 | Size = 1087064 bytes | Modified Date = 18/11/2006 13:46:34 | Attr = ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ {00B71CFB-6864-4346-A978-C0A14556272C} -> - CodeBase = http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab -> {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -> McAfee.com Operating System Class - CodeBase = http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab -> {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -> DwnldGroupMgr Class - CodeBase = http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> Shockwave Flash Object - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab -> [Files - Created Within 60 days] sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 232 bytes | Created Date = 04/01/2007 19:45:20 | Attr = H ] sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 268 bytes | Created Date = 05/01/2007 10:08:08 | Attr = H ] sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 268 bytes | Created Date = 19/01/2007 18:41:40 | Attr = H ] sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Created Date = 03/02/2007 11:17:37 | Attr = H ] sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Created Date = 04/01/2007 19:45:20 | Attr = H ] sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Created Date = 05/01/2007 10:08:08 | Attr = H ] sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Created Date = 19/01/2007 18:41:39 | Attr = H ] sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Created Date = 03/02/2007 11:17:37 | Attr = H ] meta4.exe -> %SystemRoot%\meta4.exe -> [Ver = | Size = 217073 bytes | Created Date = 22/01/2007 16:14:44 | Attr = ] MOTA113.exe -> %SystemRoot%\MOTA113.exe -> [Ver = | Size = 66560 bytes | Created Date = 22/01/2007 16:14:45 | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1168 bytes | Created Date = 31/12/2006 12:52:50 | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 31/12/2006 12:48:11 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 23/01/2007 21:25:26 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 23/01/2007 21:25:26 | Attr = H ] super.chm -> %SystemRoot%\super.chm -> [Ver = | Size = 9292 bytes | Created Date = 22/01/2007 16:12:03 | Attr = H ] Thumbs.db -> %SystemRoot%\Thumbs.db -> [Ver = | Size = 9728 bytes | Created Date = 31/01/2007 15:49:47 | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable -> x2.64.exe -> %SystemRoot%\x2.64.exe -> [Ver = | Size = 502784 bytes | Created Date = 22/01/2007 16:14:44 | Attr = ] ac3DX.ax -> %System32%\ac3DX.ax -> [Ver = 1.01a | Size = 227328 bytes | Created Date = 22/01/2007 16:12:03 | Attr = RHS] AVCDX.ax -> %System32%\AVCDX.ax -> CoreCodec [Ver = 0, 0, 0, 4 | Size = 123904 bytes | Created Date = 22/01/2007 16:12:03 | Attr = RHS] AVSredirect.dll -> %System32%\AVSredirect.dll -> [Ver = | Size = 27648 bytes | Created Date = 22/01/2007 16:14:43 | Attr = ] CoreAAC.ax -> %System32%\CoreAAC.ax -> [Ver = 1, 2, 0, 575 | Size = 175104 bytes | Created Date = 22/01/2007 16:12:04 | Attr = RHS] DiracSplitter.ax -> %System32%\DiracSplitter.ax -> Gabest [Ver = 1, 0, 0, 0 | Size = 179200 bytes | Created Date = 22/01/2007 16:12:05 | Attr = RHS] flvDX.dll -> %System32%\flvDX.dll -> Gabest [Ver = 1, 0, 0, 1 | Size = 163328 bytes | Created Date = 22/01/2007 16:12:06 | Attr = RHS] fmod.dll -> %System32%\fmod.dll -> Firelight Technologies Pty, Ltd [Ver = 3.75 | Size = 162816 bytes | Created Date = 24/01/2007 10:30:17 | Attr = ] i420vfw.dll -> %System32%\i420vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Created Date = 22/01/2007 16:14:43 | Attr = ] java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49248 bytes | Created Date = 29/12/2006 14:38:35 | Attr = ] javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 53346 bytes | Created Date = 29/12/2006 14:38:35 | Attr = ] javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 127078 bytes | Created Date = 29/12/2006 14:38:35 | Attr = ] MatroskaDX.ax -> %System32%\MatroskaDX.ax -> Gabest [Ver = 1, 0, 2, 9 | Size = 169472 bytes | Created Date = 22/01/2007 16:12:06 | Attr = RHS] RealMediaDX.ax -> %System32%\RealMediaDX.ax -> Gabest [Ver = 1, 0, 1, 1 | Size = 161792 bytes | Created Date = 22/01/2007 16:12:07 | Attr = RHS] RLAPEDec.ax -> %System32%\RLAPEDec.ax -> RadLight [Ver = 1, 0, 0, 0 | Size = 54784 bytes | Created Date = 22/01/2007 16:12:08 | Attr = RHS] RLMPCDec.ax -> %System32%\RLMPCDec.ax -> RadLight [Ver = 1, 0, 0, 4 | Size = 37888 bytes | Created Date = 22/01/2007 16:12:08 | Attr = RHS] RLOgg.ax -> %System32%\RLOgg.ax -> RadLight [Ver = 1.0.0.2 | Size = 186880 bytes | Created Date = 22/01/2007 16:12:09 | Attr = RHS] RLSpeexDec.ax -> %System32%\RLSpeexDec.ax -> [Ver = 1, 0, 0, 0 | Size = 51712 bytes | Created Date = 22/01/2007 16:12:10 | Attr = RHS] RLTheoraDec.ax -> %System32%\RLTheoraDec.ax -> RadLight, LLC [Ver = 1, 0, 0, 3 | Size = 67584 bytes | Created Date = 22/01/2007 16:12:10 | Attr = RHS] RLVorbisDec.ax -> %System32%\RLVorbisDec.ax -> RadLight [Ver = 1, 0, 1, 1 | Size = 92672 bytes | Created Date = 22/01/2007 16:12:10 | Attr = RHS] Smab.dll -> %System32%\Smab.dll -> [Ver = | Size = 845312 bytes | Created Date = 22/01/2007 16:14:41 | Attr = ] subst.inf -> %System32%\subst.inf -> [Ver = | Size = 1802 bytes | Created Date = 07/12/2006 22:37:34 | Attr = ] x.264.exe -> %System32%\x.264.exe -> [Ver = | Size = 240128 bytes | Created Date = 22/01/2007 16:14:43 | Attr = ] yv12vfw.dll -> %System32%\yv12vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Created Date = 22/01/2007 16:14:43 | Attr = ] DVDAccss.sys -> %System32%\drivers\DVDAccss.sys -> Apple Computer, Inc. [Ver = 1.5 | Size = 29156 bytes | Created Date = 25/12/2006 02:41:19 | Attr = ] pfc.sys -> %System32%\drivers\pfc.sys -> Padus, Inc. [Ver = 2, 5, 0, 198 | Size = 14572 bytes | Created Date = 25/12/2006 02:41:19 | Attr = ] [Files - Modified Within 60 days] sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 232 bytes | Modified Date = 04/01/2007 19:45:22 | Attr = H ] sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 268 bytes | Modified Date = 05/01/2007 10:08:10 | Attr = H ] sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 268 bytes | Modified Date = 19/01/2007 18:41:42 | Attr = H ] sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Modified Date = 03/02/2007 11:17:38 | Attr = H ] sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Modified Date = 04/01/2007 19:45:22 | Attr = H ] sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Modified Date = 05/01/2007 10:08:10 | Attr = H ] sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Modified Date = 19/01/2007 18:41:40 | Attr = H ] sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 03/02/2007 11:17:38 | Attr = H ] projectsku.ini -> %CommonProgramFiles%\Roxio Shared\Project Selector\Images\projectsku.ini -> [Ver = | Size = 792 bytes | Modified Date = 03/02/2007 11:17:16 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 04/02/2007 10:27:24 | Attr = S] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1393 bytes | Modified Date = 19/12/2006 23:14:36 | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1168 bytes | Modified Date = 31/12/2006 12:52:54 | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 31/12/2006 12:48:12 | Attr = ] Pex.INI -> %SystemRoot%\Pex.INI -> [Ver = | Size = 72 bytes | Modified Date = 01/01/2007 15:18:04 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 23/01/2007 21:25:28 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 02/02/2007 18:29:24 | Attr = H ] super.chm -> %SystemRoot%\super.chm -> [Ver = | Size = 9292 bytes | Modified Date = 04/01/2007 01:49:22 | Attr = H ] Thumbs.db -> %SystemRoot%\Thumbs.db -> [Ver = | Size = 9728 bytes | Modified Date = 31/01/2007 15:49:50 | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable -> win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 740 bytes | Modified Date = 22/01/2007 18:47:26 | Attr = ] Config.MPF -> %System32%\Config.MPF -> [Ver = | Size = 33160 bytes | Modified Date = 04/02/2007 11:14:34 | Attr = ] fmod.dll -> %System32%\fmod.dll -> Firelight Technologies Pty, Ltd [Ver = 3.75 | Size = 162816 bytes | Modified Date = 24/01/2007 10:30:18 | Attr = ] Smab.dll -> %System32%\Smab.dll -> [Ver = | Size = 845312 bytes | Modified Date = 12/12/2006 14:15:08 | Attr = ] Thumbs.db -> %System32%\Thumbs.db -> [Ver = | Size = 5120 bytes | Modified Date = 31/01/2007 15:49:56 | Attr = HS] @Alternate Data Stream - 0 bytes -> %System32%\Thumbs.db:encryptable -> wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 04/02/2007 10:30:32 | Attr = ] USBCRFT.SYS -> %System32%\drivers\USBCRFT.SYS -> ICSI Technology Ltd. [Ver = V2.11.0718 | Size = 17408 bytes | Modified Date = 04/02/2007 10:30:52 | Attr = ] [File String Scan - Non-Microsoft Only] Thawte Consulting , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core3.zip -> [Ver = | Size = 3290841 bytes | Modified Date = 02/03/2006 16:18:34 | Attr = ] USERTRUST , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_10.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4650616 bytes | Modified Date = 09/11/2006 15:38:38 | Attr = ] WSUD , -> %CommonProgramFiles%\Roxio Shared\floatingFX\FloatingEffects.dll -> Roxio [Ver = 1, 1, 1, 6 | Size = 794624 bytes | Modified Date = 13/12/2002 13:46:24 | Attr = R ] Thawte Consulting , -> %CommonProgramFiles%\Teleca Shared\xceedzip.dll -> Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com [Ver = 4.5.81.0 | Size = 406048 bytes | Modified Date = 18/07/2005 14:44:58 | Attr = R ] UPX! , UPX0 , Thawte Consulting , -> %SystemRoot%\iaccess32.exe -> [Ver = 1, 0, 6, 5 | Size = 124376 bytes | Modified Date = 12/05/2006 22:08:54 | Attr = ] UPX! , UPX0 , -> %System32%\ac3DX.ax -> [Ver = 1.01a | Size = 227328 bytes | Modified Date = 12/09/2006 12:46:24 | Attr = RHS] UPX! , UPX0 , -> %System32%\AVCDX.ax -> CoreCodec [Ver = 0, 0, 0, 4 | Size = 123904 bytes | Modified Date = 13/01/2006 00:23:26 | Attr = RHS] UPX! , UPX0 , -> %System32%\avisynth.dll -> The Public [Ver = 2, 5, 7, 0 | Size = 306688 bytes | Modified Date = 12/11/2006 13:44:10 | Attr = ] aspack , -> %System32%\BRICE DE NICE.scr -> Axialis Software [Ver = 3, 5, 6, 0 | Size = 497132 bytes | Modified Date = 25/12/2005 21:21:14 | Attr = ] UPX! , UPX0 , -> %System32%\CoreAAC.ax -> [Ver = 1, 2, 0, 575 | Size = 175104 bytes | Modified Date = 16/08/2006 15:53:32 | Attr = RHS] PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 22/07/2003 16:51:54 | Attr = ] UPX! , UPX0 , -> %System32%\DiracSplitter.ax -> Gabest [Ver = 1, 0, 0, 0 | Size = 179200 bytes | Modified Date = 18/01/2005 00:26:36 | Attr = RHS] UPX! , UPX0 , -> %System32%\flvDX.dll -> Gabest [Ver = 1, 0, 0, 1 | Size = 163328 bytes | Modified Date = 03/05/2006 11:06:54 | Attr = RHS] UPX! , UPX0 , -> %System32%\fmod.dll -> Firelight Technologies Pty, Ltd [Ver = 3.75 | Size = 162816 bytes | Modified Date = 24/01/2007 10:30:18 | Attr = ] UPX! , UPX0 , -> %System32%\i420vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Modified Date = 03/01/2004 00:08:00 | Attr = ] UPX! , UPX0 , -> %System32%\Matrix3D.scr -> [Ver = | Size = 1062912 bytes | Modified Date = 05/04/2003 05:36:46 | Attr = ] UPX! , UPX0 , -> %System32%\MatroskaDX.ax -> Gabest [Ver = 1, 0, 2, 9 | Size = 169472 bytes | Modified Date = 10/03/2006 22:48:48 | Attr = RHS] UPX! , UPX0 , -> %System32%\RealMediaDX.ax -> Gabest [Ver = 1, 0, 1, 1 | Size = 161792 bytes | Modified Date = 25/11/2005 21:46:34 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLAPEDec.ax -> RadLight [Ver = 1, 0, 0, 0 | Size = 54784 bytes | Modified Date = 21/11/2003 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLMPCDec.ax -> RadLight [Ver = 1, 0, 0, 4 | Size = 37888 bytes | Modified Date = 27/04/2004 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLOgg.ax -> RadLight [Ver = 1.0.0.2 | Size = 186880 bytes | Modified Date = 13/02/2005 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLSpeexDec.ax -> [Ver = 1, 0, 0, 0 | Size = 51712 bytes | Modified Date = 13/02/2005 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLTheoraDec.ax -> RadLight, LLC [Ver = 1, 0, 0, 3 | Size = 67584 bytes | Modified Date = 13/02/2005 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLVorbisDec.ax -> RadLight [Ver = 1, 0, 1, 1 | Size = 92672 bytes | Modified Date = 06/02/2005 | Attr = RHS] UPX0 , -> %System32%\Voyage of Columbus 3D Screensaver.exe -> 3Planesoft [Ver = 1, 0, 0, 2 | Size = 16995840 bytes | Modified Date = 28/06/2006 12:14:50 | Attr = ] winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 22/07/2003 17:17:18 | Attr = ] UPX! , UPX0 , -> %System32%\x.264.exe -> [Ver = | Size = 240128 bytes | Modified Date = 10/11/2005 13:16:02 | Attr = ] UPX! , UPX0 , -> %System32%\yv12vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Modified Date = 03/01/2004 00:08:00 | Attr = ] WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 22/07/2003 16:47:38 | Attr = ] UPX0 , -> %System32%\dllcache\NT5IIS.CAT -> [Ver = | Size = 809394 bytes | Modified Date = 22/07/2003 17:05:30 | Attr = ] PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 04/08/2004 06:41:38 | Attr = ] < End of report > j'ai fait ce que tu m'a conseillé avec Hijackthis. Questions: que cause comme désagrément le virus "patched function" ?, c'est certainement une question de novice, mais pourquoi Mc afee ne l'a t'il pas détecté lorsqu'il a été téléchargé ?????
  3. lesmonchs
    Merci Charles de t'occuper de mon pb ci dessous nouvceau rapport d hijackthis, par contre qd je lance l'option 1 de DIALER, je n'obtiens rien par contre tu me dis que j'ai nettoyé mon PC, mais Mc afee me détecte tjs le virus ????? Logfile of HijackThis v1.99.1 Scan saved at 18:46:51, on 03/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mclogsrv.exe C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\PROGRA~1\McAfee\MSC\mctskshd.exe C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe C:\Program Files\Dell\AccessDirect\dadapp.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\mcafee.com\mps\mscifapp.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\Dit.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft Money\System\Money Express.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\Apple Computer\DVD@ccess\DVDAccess.exe C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe C:\Program Files\UltimateZip 2007\uzqkst.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\Program Files\Inventel\Gateway\WLANCFG.EXE C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe C:\WINDOWS\explorer.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\SiteAdvisor\4608\SiteAdv.exe C:\Program Files\Outlook Express\msimn.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\PROGRA~1\ULTIMA~1\uzip.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe /startup O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSKAGENTEXE] c:\PROGRA~1\mcafee\SPAMKI~1\mskagent.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe O4 - Startup: ADILOOK Français sur disque C.LNK = C:\COKTEL\ADI4OEMP\ADILOOK.EXE O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip 2007\uzqkst.exe O4 - Global Startup: DVD@ccess.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm636YYFR O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe alors, qu'en dis tu ?
  4. lesmonchs
    bonsoir, je vois que je ne suis pas le seul à avoir récupérer ce "patched function" , j' ai suivi les intructions de Bruce Lee, donc voici le résultat de Hijackthis et de black light: et également avec "silent runners" merci de votre aide, et j'aimerais bien compendre pourquoi mc afee détecte le virus mais n'arrive pas à le supprimer ??? Résultat Hijackthis Logfile of HijackThis v1.99.1 Scan saved at 14:17:11, on 27/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mclogsrv.exe C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\PROGRA~1\McAfee\MSC\mctskshd.exe C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\Program Files\Dell\AccessDirect\dadapp.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\mcafee.com\mps\mscifapp.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\WINDOWS\vsnpstd.exe C:\WINDOWS\Dit.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\windows\system32\eouyqjnw.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\Program Files\Inventel\Gateway\WLANCFG.EXE C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\McAfee\MSC\mcshell.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe /startup O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" O4 - HKLM\..\Run: [eouyqjnw] c:\windows\system32\eouyqjnw.exe eouyqjnw O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSKAGENTEXE] c:\PROGRA~1\mcafee\SPAMKI~1\mskagent.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe O4 - Startup: ADILOOK Français sur disque C.LNK = C:\COKTEL\ADI4OEMP\ADILOOK.EXE O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip 2007\uzqkst.exe O4 - Global Startup: DVD@ccess.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm636YYFR O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe resultat: black 01/27/07 14:27:27 [info]: BlackLight Engine 1.0.55 initialized 01/27/07 14:27:27 [info]: OS: 5.1 build 2600 (Service Pack 2) 01/27/07 14:27:28 [Note]: 7019 4 01/27/07 14:27:28 [Note]: 7005 0 01/27/07 14:27:38 [Note]: 7006 0 01/27/07 14:27:38 [Note]: 7011 1640 01/27/07 14:27:38 [Note]: 7026 0 01/27/07 14:27:39 [Note]: 7026 0 01/27/07 14:27:39 [Note]: 7015 2264 01/27/07 14:27:39 [Note]: 7015 87 01/27/07 14:28:01 [Note]: FSRAW library version 1.7.1021 01/27/07 14:44:28 [Note]: 2000 1012 01/27/07 14:46:00 [Note]: 7007 0 rsultat silent runners "Silent Runners.vbs", revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS] "MSKAGENTEXE" = "c:\PROGRA~1\mcafee\SPAMKI~1\mskagent.exe" ["McAfee Inc."] "WOOKIT" = "C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=" [empty string] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"" [file not found] "MoneyAgent" = ""C:\Program Files\Microsoft Money\System\Money Express.exe"" [MS] "MailSkinner" = "c:\program files\mailskinner\mailskinner.exe" [file not found] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "DadApp" = "C:\Program Files\Dell\AccessDirect\dadapp.exe" [null data] "ATIModeChange" = "Ati2mdxx.exe" ["ATI Technologies, Inc."] "ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."] "SynTPLpr" = "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" ["Synaptics, Inc."] "SynTPEnh" = "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" ["Synaptics, Inc."] "MPSExe" = "c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding" ["McAfee, Inc"] "MSKAGENTEXE" = "C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" ["McAfee Inc."] "MSKDetectorExe" = "C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe /startup" ["McAfee, Inc."] "RoxioEngineUtility" = ""C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"" ["Roxio"] "RoxioDragToDisc" = ""C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"" ["Roxio"] "RoxioAudioCentral" = ""C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"" ["Roxio, Inc."] "WOOWATCH" = "C:\PROGRA~1\Wanadoo\Watch.exe" ["France Télécom R&D"] "WOOTASKBARICON" = "C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe" ["France Télécom R&D"] "snpstd" = "C:\WINDOWS\vsnpstd.exe" [empty string] "QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."] "Dit" = "Dit.exe" ["ICSI Technology Ltd."] "Ulead AutoDetector v2" = "C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" ["Ulead Systems, Inc."] "(Default)" = "(empty string)" [file not found] "Sony Ericsson PC Suite" = ""C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions" ["Sony Ericsson Mobile Communications AB"] "SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"" ["Sun Microsystems, Inc."] "(Default)" = (unknown data type) HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "AcroIEHlprObj Class" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string] {089FD14D-132B-48FC-8861-0048AE113215}\(Default) = (no title provided) -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\SiteAdvisor\4608\SiteAdv.dll" ["McAfee, Inc."] {227B8AA8-DAF2-4892-BD1D-73F568BCB24E}\(Default) = (no title provided) -> {HKLM...CLSID} = "McBrwHelper Class" \InProcServer32\(Default) = "c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll" ["McAfee, Inc"] {3EC8255F-E043-4cae-8B3B-B191550C2A22}\(Default) = (no title provided) -> {HKLM...CLSID} = "McAfee Privacy Service Popup Blocker" \InProcServer32\(Default) = "c:\program files\mcafee.com\mps\popupkiller.dll" ["McAfee, Inc"] {41D68ED8-4CFF-4115-88A6-6EBB8AF19000}\(Default) = (no title provided) -> {HKLM...CLSID} = "McAfee AntiPhishing Filter" \InProcServer32\(Default) = "c:\program files\mcafee\spamkiller\mcapfbho.dll" ["McAfee, Inc."] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll" ["Sun Microsystems, Inc."] {7DB2D5A0-7241-4E79-B68D-6309F01C5231}\(Default) = "scriptproxy" -> {HKLM...CLSID} = "scriptproxy" \InProcServer32\(Default) = "c:\program files\mcafee\virusscan\scriptcl.dll" ["McAfee, Inc."] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = "Windows Live Sign-in Helper" \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS] {9394EDE7-C8B5-483E-8773-474BF36AF6E4}\(Default) = (no title provided) -> {HKLM...CLSID} = "ST" \InProcServer32\(Default) = "C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll" [MS] {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = "Google Toolbar Helper" \InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."] {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = (no title provided) -> {HKLM...CLSID} = "MSNToolBandBHO" \InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS] "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders" -> {HKLM...CLSID} = "Mes dossiers de partage" \InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.0.0812.00.dll" [MS] "{A5110426-177D-4e08-AB3F-785F10B4439C}" = "Gestionnaire de fichiers Sony Ericsson" -> {HKLM...CLSID} = "Gestionnaire de fichiers Sony Ericsson" \InProcServer32\(Default) = "C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll" ["Sony Ericsson Mobile Communications AB"] "{2F860D81-AF3C-11D4-BDB3-00E0987D8540}" = "UltimateZip Shell Extension" -> {HKLM...CLSID} = "UltimateZip Shell Extension 1" \InProcServer32\(Default) = "C:\PROGRA~1\ULTIMA~1\uzshlex.dll" [null data] "{2F860D82-AF3C-11D4-BDB3-00E0987D8540}" = "UltimateZip Drag Drop Handler" -> {HKLM...CLSID} = "UltimateZip Drag Drop Handler" \InProcServer32\(Default) = "C:\PROGRA~1\ULTIMA~1\uzshldr.dll" [null data] HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ "WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" -> {HKLM...CLSID} = "WPDShServiceObj Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ <<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ MCVSRIGHTCLICKSCANNER\(Default) = "{162EFDC5-2957-465D-887B-590AF4A7E84D}" -> {HKLM...CLSID} = "McVSRightclickScanner Class" \InProcServer32\(Default) = "c:\PROGRA~1\mcafee\VIRUSS~1\mcodsax.dll" ["McAfee, Inc."] UltimateZip\(Default) = "{2F860D81-AF3C-11D4-BDB3-00E0987D8540}" -> {HKLM...CLSID} = "UltimateZip Shell Extension 1" \InProcServer32\(Default) = "C:\PROGRA~1\ULTIMA~1\uzshlex.dll" [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ MCVSRIGHTCLICKSCANNER\(Default) = "{162EFDC5-2957-465D-887B-590AF4A7E84D}" -> {HKLM...CLSID} = "McVSRightclickScanner Class" \InProcServer32\(Default) = "c:\PROGRA~1\mcafee\VIRUSS~1\mcodsax.dll" ["McAfee, Inc."] NetWareUNCMenu\(Default) = "{e3f2bac0-099f-11cf-8daa-00aa004a5691}" -> {HKLM...CLSID} = "NetWare UNC Folder Menu" \InProcServer32\(Default) = "nwprovau.dll" [MS] UltimateZip\(Default) = "{2F860D81-AF3C-11D4-BDB3-00E0987D8540}" -> {HKLM...CLSID} = "UltimateZip Shell Extension 1" \InProcServer32\(Default) = "C:\PROGRA~1\ULTIMA~1\uzshlex.dll" [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ "Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Documents and Settings\PERSO\Local Settings\Application Data\Microsoft\Wallpaper1.bmp" Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ "SCRNSAVE.EXE" = "C:\WINDOWS\system32\Matrix3D.scr" [null data] Startup items in "PERSO" & "All Users" startup folders: ------------------------------------------------------- C:\Documents and Settings\PERSO\Menu Démarrer\Programmes\Démarrage "ADILOOK Français sur disque C" -> shortcut to: "C:\COKTEL\ADI4OEMP\ADILOOK.EXE" [empty string] "MSN Pictures Displayer" -> shortcut to: "C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe /P" [empty string] "UltimateZip Quick Start" -> shortcut to: "C:\Program Files\UltimateZip 2007\uzqkst.exe" ["SWE von Schleusen"] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage "DVD@ccess" -> shortcut to: "C:\Program Files\Apple Computer\DVD@ccess\DVDAccess.exe" ["Apple Computer"] "Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l" [MS] Enabled Scheduled Tasks: ------------------------ "McDefragTask" -> launches: "C:\WINDOWS\system32\defrag.exe C: -f" ["Microsoft Corp. and Executive Software International, Inc."] "McQcTask" -> launches: "c:\program files\mcafee\mqc\QcConsol.exe 14 0" ["McAfee, Inc."] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000004\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: C:\WINDOWS\system32\mclsp.dll ["Networks Associates Technology, Inc"], 01 - 34, 69 %SystemRoot%\system32\mswsock.dll [MS], 35 - 37, 40 - 68 %SystemRoot%\system32\rsvpsp.dll [MS], 38 - 39 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" -> {HKLM...CLSID} = "&Google" \InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."] "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" -> {HKLM...CLSID} = "MSN" \InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll" [MS] "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" -> {HKLM...CLSID} = "Yahoo! Toolbar" \InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" = "0" -> {HKLM...CLSID} = "MSN" \InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll" [MS] "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = (no title provided) -> {HKLM...CLSID} = "Yahoo! Toolbar" \InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."] "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided) -> {HKLM...CLSID} = "&Google" \InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."] "{0BF43445-2F28-4351-9252-17FE6E806AA0}" = "McAfee SiteAdvisor" -> {HKLM...CLSID} = "McAfee SiteAdvisor" \InProcServer32\(Default) = "C:\Program Files\SiteAdvisor\4608\SiteAdv.dll" ["McAfee, Inc."] Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ HKLM\Software\Classes\CLSID\{01002DB2-8170-4D9B-A8B1-DDC9DD114E03}\(Default) = "Volet Wanadoo" Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar] InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string] HKLM\Software\Classes\CLSID\{3BAF4A27-C764-4E1A-A6F4-62F7A7E5E51C}\(Default) = "ToolBand Class" Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar] InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string] HKLM\Software\Classes\CLSID\{5BF498C0-931E-4A4F-B33F-456D07137EAA}\(Default) = "Volet Wanadoo" Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar] InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\audience\audience.dll" [empty string] Extensions (Tools menu items, main toolbar menu buttons) HKCU\Software\Microsoft\Internet Explorer\Extensions\ {1462651F-F4BA-4C76-A001-C4284D0FE16E}\ "ButtonText" = "Wanadoo" "Exec" = "http://www.wanadoo.fr" [file not found] HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ "MenuText" = "Console Java (Sun)" "CLSIDExtension" = "{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}" -> {HKCU...CLSID} = "Java Plug-in 1.5.0_10" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll" ["Sun Microsystems, Inc."] -> {HKLM...CLSID} = "Java Plug-in 1.5.0_10" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll" ["Sun Microsystems, Inc."] {39FD89BF-D3F1-45B6-BB56-3582CCF489E1}\ "MenuText" = "McAfee AntiPhishing Filter" "CLSIDExtension" = "{7DD73374-7187-4103-8F29-622AA25E7C40}" -> {HKLM...CLSID} = "MyCfgDlgCmdTarget Class" \InProcServer32\(Default) = "c:\program files\mcafee\spamkiller\mcapfbho.dll" ["McAfee, Inc."] Miscellaneous IE Hijack Points ------------------------------ C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings") Added lines (compared with English-language version): [strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/" Missing lines (compared with English-language version): [strings]: 1 line HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\ <<H>> "{08C06D61-F1F3-4799-86F8-BE1A89362C85}" = (no title provided) -> {HKLM...CLSID} = "Search Class" \InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\SEARCH~1.DLL" [empty string] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."] France Telecom Routing Table Service, FTRTSVC, "C:\WINDOWS\System32\FTRTSVC.exe" ["France Telecom"] McAfee E-mail Proxy, Emproxy, "C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe" ["McAfee, Inc."] McAfee HackerWatch Service, McAfee HackerWatch Service, ""C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe"" ["McAfee, Inc."] McAfee Log Manager, McLogManagerService, "C:\PROGRA~1\McAfee\MSC\mclogsrv.exe" ["McAfee, Inc."] McAfee Network Agent, McNASvc, ""c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe"" ["McAfee, Inc."] McAfee Personal Firewall Service, MpfService, ""C:\Program Files\McAfee\MPF\MPFSrv.exe"" ["McAfee, Inc."] McAfee Protection Manager, mcpromgr, "C:\PROGRA~1\McAfee\MSC\mcpromgr.exe" ["McAfee, Inc."] McAfee Real-time Scanner, McShield, "C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe" ["McAfee, Inc."] McAfee Redirector Service, McRedirector, "c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe" ["McAfee, Inc."] McAfee Scanner, McODS, "C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe" ["McAfee, Inc."] McAfee SpamKiller Server, MskService, "C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe" ["McAfee Inc."] McAfee SystemGuards, McSysmon, "C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe" ["McAfee, Inc."] McAfee Task Scheduler, McTskshd.exe, "C:\PROGRA~1\McAfee\MSC\mctskshd.exe" ["McAfee, Inc."] McAfee Update Manager, mcmispupdmgr, "C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe" ["McAfee, Inc."] McAfee User Manager, mcusrmgr, "C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe" ["McAfee, Inc."] Service client pour NetWare, NWCWorkstation, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\nwwks.dll" [MS]} Service Messenger Sharing USN Journal Reader, usnsvc, "C:\WINDOWS\system32\svchost.exe -k usnsvc" {"C:\Program Files\MSN Messenger\usnsvc.dll" [MS]} ---------- <<!>>: Suspicious data at a malware launch point. <<H>>: Suspicious data at a browser hijack point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer "No" at the first message box and "Yes" at the second message box. ---------- (total run time: 81 seconds, including 18 seconds for message boxes)
×
×
  • Créer...