How do I remove a virus? Help please

ilhanonur17 Posts 60 Registration date   Status Member Last activity   -
Hello,

I am infected by a virus and I can't manage to get it off my PC, please help me???

Here are the reports:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Burak at 2009-09-12 14:21:46
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 49 GB (43%) free of 114 GB
Total RAM: 2047 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:22:00, on 12/09/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16851)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nero\Nero PhotoShow 4\data\Xtras\mssysmgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\DllHost.exe
C:\Users\Burak\Desktop\RSIT.exe
C:\Program Files\trend micro\Burak.exe
C:\Program Files\Windows Media Player\wmplayer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Host Process] C:\Users\Burak\svchost.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

--
End of file - 10333 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Norton Security Scan for Burak.job
C:\Windows\tasks\User_Feed_Synchronization-{4924E8EB-421F-4CDA-B546-D8F2C5174362}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-19 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-07-12 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-06-19 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-22 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2006-03-31 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-02-06 151552]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-19 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-03 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-01 4390912]
"Acer Empowering Technology Monitor"=C:\Acer\Empowering Technology\SysMonitor.exe [2007-01-24 319488]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-02-07 464168]
"Acer Tour"= []
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"eRecoveryService"= []
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-02-15 151552]
"Apanel"=C:\ACERSW\config\NewSetApanel.cmd []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-22 148888]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-08-08 1828136]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-07-25 563984]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-07-25 2027792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"MSConfig"=C:\Windows\system32\msconfig.exe [2006-11-02 222208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-10 1232896]
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-02-15 151552]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-19 39408]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-03-11 4608]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-08-03 202024]
"Nero PhotoShow Media Manager"=C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe [2007-02-08 229376]
"Host Process"=C:\Users\Burak\svchost.exe []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe [2009-02-03 240544]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PCM Media Sharing.lnk - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

C:\Users\Burak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{365c5fd9-973c-11de-a8fc-001d9204be91}]
shell\AutoRun\command - L:\autorunner.exe "Livret CE.pdf"

======List of files/folders created in the last 1 months======

2009-09-12 14:21:47 ----D---- C:\Program Files\trend micro
2009-09-12 14:21:46 ----D---- C:\rsit

======List of files/folders modified in the last 1 months======

2009-09-12 14:21:50 ----D---- C:\Windows\Temp
2009-09-12 14:21:47 ----RD---- C:\Program Files
2009-09-12 06:02:47 ----D---- C:\Windows\system32\drivers
2009-09-12 06:00:26 ----D---- C:\Program Files\Panda Security
2009-09-12 06:00:13 ----SD---- C:\Windows\Downloaded Program Files
2009-09-12 05:30:12 ----D---- C:\Windows\Prefetch
2009-09-12 05:10:40 ----D---- C:\Program Files\Norton Security Scan
2009-09-12 00:11:52 ----SHD---- C:\System Volume Information
2009-09-11 23:18:38 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-09-11 23:17:08 ----D---- C:\Program Files\etmain
2009-09-11 23:09:50 ----D---- C:\Program Files\jaymod
2009-09-02 09:11:35 ----D---- C:\Windows\system32\config
2009-09-02 09:10:43 ----D---- C:\Windows\Tasks
2009-09-02 09:10:43 ----D---- C:\Windows\system32\XPSViewer
2009-09-02 09:10:43 ----D---- C:\Windows\system32\wbem
2009-09-02 09:10:43 ----D---- C:\Windows\system32\tr-TR
2009-09-02 09:10:43 ----D---- C:\Windows\system32\Tasks
2009-09-02 09:10:43 ----D---- C:\Windows\system32\spool
2009-09-02 09:10:43 ----D---- C:\Windows\system
2009-09-02 09:10:43 ----D---- C:\Windows
2009-09-02 09:10:43 ----AD---- C:\Windows\System32
2009-09-02 09:10:42 ----D---- C:\Windows\system32\oobe
2009-09-02 09:10:42 ----D---- C:\Windows\system32\Msdtc
2009-09-02 09:10:42 ----D---- C:\Windows\system32\migwiz
2009-09-02 09:10:42 ----D---- C:\Windows\system32\fr-FR
2009-09-02 09:10:41 ----D---- C:\Windows\system32\en-US
2009-09-02 09:10:40 ----D---- C:\Windows\system32\CodeIntegrity
2009-09-02 09:10:36 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-02 09:10:33 ----SHD---- C:\Windows\Installer
2009-09-02 09:10:33 ----RSD---- C:\Windows\Media
2009-09-02 09:10:33 ----RSD---- C:\Windows\Fonts
2009-09-02 09:10:33 ----RD---- C:\Windows\Offline Web Pages
2009-09-02 09:10:33 ----D---- C:\Windows\servicing
2009-09-02 09:10:33 ----D---- C:\Windows\MSAgent
2009-09-02 09:10:33 ----D---- C:\Windows\L2Schemas
2009-09-02 09:10:33 ----D---- C:\Windows\inf
2009-09-02 09:10:33 ----D---- C:\Windows\IME
2009-09-02 09:10:33 ----D---- C:\Windows\fr-FR
2009-09-02 09:10:32 ----RSD---- C:\Windows\assembly
2009-09-02 09:10:32 ----D---- C:\Windows\ehome
2009-09-02 09:10:32 ----D---- C:\Windows\Cursors
2009-09-02 09:10:27 ----RD---- C:\Users
2009-09-02 09:10:27 ----D---- C:\Windows\AppPatch
2009-09-02 09:10:25 ----D---- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
2009-09-02 09:10:24 ----D---- C:\Program Files\WinSCP
2009-09-02 09:10:24 ----D---- C:\Program Files\WinRAR
2009-09-02 09:10:24 ----D---- C:\Program Files\Windows Sidebar
2009-09-02 09:10:24 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-02 09:10:24 ----D---- C:\Program Files\Windows Media Player
2009-09-02 09:10:23 ----D---- C:\Program Files\Windows Mail
2009-09-02 09:10:22 ----D---- C:\Program Files\QuickTime
2009-09-02 09:10:22 ----D---- C:\Program Files\PC Connectivity Solution
2009-09-02 09:10:22 ----D---- C:\Program Files\Messenger Plus! Live
2009-09-02 09:10:22 ----D---- C:\Program Files\ma-config.com
2009-09-02 09:10:21 ----D---- C:\Program Files\iTunes
2009-09-02 09:10:21 ----D---- C:\Program Files\FlashFXP
2009-09-02 09:10:21 ----D---- C:\Program Files\CommView
2009-09-02 09:10:20 ----D---- C:\Program Files\Common Files\LightScribe
2009-09-02 09:10:20 ----D---- C:\Program Files\Bonjour
2009-09-02 09:10:20 ----D---- C:\Program Files\BitLord
2009-09-02 09:10:19 ----D---- C:\Program Files\Apple Software Update
2009-09-02 09:10:19 ----D---- C:\Program Files\AC3Filter
2009-09-02 09:09:18 ----D---- C:\Windows\registration
2009-09-02 09:09:14 ----D---- C:\Windows\winsxs
2009-09-02 09:09:13 ----HD---- C:\ProgramData
2009-09-02 09:09:13 ----D---- C:\Users\Burak\AppData\Roaming\Nero
2009-09-02 09:09:13 ----D---- C:\ProgramData\Apple Computer
2009-09-02 09:09:13 ----D---- C:\Program Files\KC Softwares
2009-09-02 09:09:12 ----D---- C:\Program Files\URUSoft
2009-09-02 09:09:12 ----D---- C:\Program Files\Common Files\Nero
2009-09-02 09:09:11 ----D---- C:\Users\Burak\AppData\Roaming\Talkback
2009-09-02 09:09:11 ----D---- C:\Users\Burak\AppData\Roaming\Sun
2009-09-02 09:09:11 ----D---- C:\Program Files\LimeWire
2009-09-02 09:09:11 ----D---- C:\Program Files\Java
2009-09-02 09:09:11 ----D---- C:\Program Files\DivX
2009-09-02 09:09:10 ----SD---- C:\Users\Burak\AppData\Roaming\Microsoft
2009-09-02 09:09:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-02 09:09:10 ----D---- C:\Users\Burak\AppData\Roaming\Mozilla
2009-09-02 09:09:10 ----D---- C:\Users\Burak\AppData\Roaming\Macromedia
2009-09-02 09:09:10 ----D---- C:\Program Files\Windows NT
2009-09-02 09:09:04 ----D---- C:\Windows\Web
2009-09-02 09:09:04 ----D---- C:\Windows\system32\SMI
2009-09-02 09:09:04 ----D---- C:\Windows\system32\RemInst
2009-09-02 09:09:04 ----D---- C:\Windows\system32\licensing
2009-09-02 09:09:04 ----D---- C:\Windows\system32\IME
2009-09-02 09:09:04 ----D---- C:\Windows\PLA
2009-09-02 09:09:04 ----D---- C:\Windows\Performance
2009-09-02 09:09:04 ----D---- C:\Windows\Help
2009-09-02 09:09:04 ----D---- C:\Windows\Boot
2009-09-02 09:09:04 ----D---- C:\Users\Burak\AppData\Roaming\Adobe
2009-09-02 09:09:03 ----SD---- C:\ProgramData\Microsoft
2009-09-02 09:09:03 ----D---- C:\Program Files\Windows Journal
2009-09-02 09:09:03 ----D---- C:\Program Files\Windows Collaboration
2009-09-02 09:09:03 ----D---- C:\Program Files\Windows Calendar
2009-09-02 09:09:03 ----D---- C:\Program Files\Reference Assemblies
2009-09-02 09:09:03 ----D---- C:\Program Files\NewTech Infosystems
2009-09-02 09:09:03 ----D---- C:\Program Files\Movie Maker
2009-09-02 09:09:03 ----D---- C:\Program Files\Microsoft Works
2009-09-02 09:09:03 ----D---- C:\Program Files\Microsoft Office
2009-09-02 09:09:02 ----D---- C:\Program Files\Microsoft Games
2009-09-02 09:09:02 ----D---- C:\Program Files\eSobi
2009-09-02 09:09:02 ----D---- C:\Program Files\Common Files\System
2009-09-02 09:09:02 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-09-02 09:09:02 ----D---- C:\Program Files\Common Files\NewTech Infosystems
2009-09-02 09:09:02 ----D---- C:\Program Files\Common Files\microsoft shared
2009-09-02 09:09:02 ----D---- C:\Program Files\Common Files
2009-09-02 09:09:02 ----D---- C:\Program Files\Acer Arcade Live
2009-09-02 09:09:02 ----D---- C:\ATI
2009-09-01 23:16:34 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2007-10-31 110096]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 TsVp;TsVp; C:\Windows\system32\DRIVERS\tsvp.sys [2007-01-19 27432]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-21 3928576]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-01 1744928]
R3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-07-20 2109592]
R3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
R3 lvpopflt;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopflt.sys [2007-10-12 1920920]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
R3 LVUVC;Logitech QuickCam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2007-07-19 3599000]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-04-24 6144]
R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver; C:\Windows\system32\DRIVERS\WlanUZXP.sys [2005-05-14 260608]
R3 TSCOMM;CommStudio Virtual Adapter by TamoSoft; C:\Windows\system32\DRIVERS\tscomm.sys [2007-03-09 40232]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2006-11-02 71552]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-09 194560]
S3 a7veui25;a7veui25; C:\Windows\system32\drivers\a7veui25.sys []
S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys [2006-12-07 19240]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2008-09-02 15352]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-21 3928576]
S3 RT73;MSI US54SE II Wireless Adapter; C:\Windows\system32\DRIVERS\rt73.sys []
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088]
S3 TsVlb;TsVlb; C:\Windows\system32\DRIVERS\tsvlb.sys [2006-12-11 20264]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-04 266343]
R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-12-29 28672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-08-21 700416]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-01-31 53248]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-20 137752]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-08-08 836904]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S4 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-02-07 457512]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-19 182768]
S4 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
S4 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-20 186904]
S4 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-20 141848]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248]
S4 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-01-05 66872]
S4 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2006-11-02 174656]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-04-09 143360]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-02-08 212480]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

-----------------EOF-----------------

And the MBAM report:

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2786
Windows 6.0.6000

12/09/2009 22:33:54
mbam-log-2009-09-12 (22-33-54).txt

Type de recherche: Examen rapide
Eléments examinés: 84799
Temps écoulé: 3 minute(s), 37 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\host process (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Live_TV (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Users\Burak\services.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Thanks in advance.
Configuration: Windows Vista Internet Explorer 7.0

9 replies

xuchiwa Posts 180 Status Member 45
 
Hello, try a system restore.
0
snipeurdor Posts 108 Status Member 2
 
Download the Kaspersky antivirus demo, run a full scan, copy the result and paste it here for me, thanks ^^
0
ilhanonur17 Posts 60 Registration date   Status Member Last activity   3
 
The restore doesn't work, it changes nothing at all. I had no Internet connection anymore; I had to repair the sockets with sockfix to be able to connect again. Can I run the scan with BitDefender online and send you the report?
0
snipeurdor Posts 108 Status Member 2
 
yes, that too ;)
0

ilhanonur17 Posts 60 Registration date   Status Member Last activity   3
 
here is the log report:

BitDefender - Fichier journal

Produit : BitDefender Total Security 2009
Version : BitDefender UIScanner v.12
Tâche d'analyse : Analyse approfondie
Date du journal : 13/09/2009 00:07:26
Chemin du journal : C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\deep_scan\1252793246_1_02.xml

Analyse des chemins :Chemin 0000: C:\
Chemin 0001: D:\

Options d’analyse :Détecter les virus : Oui
Détecter les adwares : Oui
Détecter les spywares : Oui
Analyser les applications : Oui
Détecter les dialers : Oui
Détecter les rootkits : Oui

Options de sélection de cible :Analyser les clés du registre : Oui
Analyser les cookies : Oui
Analyser les secteurs de boot : Oui
Analyser les processus mémoire : Oui
Analyser les archives : Oui
Analyser les fichiers enpaquetés : Oui
Analyser les e-mails : Non
Analyser tous les fichiers : Oui
Analyse heuristique : Oui
Extensions analysées :
Extensions exclues :

Traitement de la cible :Action par défaut pour les objets infectés : Désinfecter
Action par défaut pour les objets suspects : Aucune
Action par défaut pour les objets camouflés : Aucune
Action par défaut pour les objets infectés : Aucune
Action par défaut pour les objets suspects encryptés : Aucune
Action par défaut pour les objets protégés par mot de passe : Enregistrer comme non analysé

Résumé de l'analyseNombre de signatures de virus : 4151088
Plugins archives : 45
Plugins e-mail : 6
Plugins d'analyse : 13
Plugins système : 5
Plugins de décompression : 7

Résumé de l'analyse généraleEléments analysés : 319602
Eléments infectés : 10
Eléments suspects : 0
Eléments résolus : 3
Éléments non résolus : 13
Eléments protégés : 0
Éléments ultra-compressés : 6
Virus individuels trouvés : 7
Répertoires analysés : 19517
Secteur de boot analysés : 4
Archives analysés : 3076
Erreurs I/O : 74
Temps d'analyse : 00:51:19
Fichiers par seconde : 103

Résumé des processus analysésAnalysé : 62
Infecté : 0

Résumé des clés de registre analyséesAnalysé : 1246
Infecté : 0

Résumé des cookies analysésAnalysé : 5
Infecté : 0

Problèmes non résolus :Nom de l'objet Nom de la menace État final
C:\Users\Burak\Documents\Mes fichiers reçus\TeamViewer_Setup.rar=]TeamViewer_Setup.exe Dropped:Trojan.Generic.1997630 Aucune action possible
C:\Users\Burak\Documents\LimeWire\Saved\sevdam sana pusat olur.mp3 Trojan.Downloader.WMA.Wimad.N Aucune action possible
C:\Users\Burak\Shared\Nouveau dossier\desire go higher.mp3 Trojan.Downloader.WMA.Wimad.N Aucune action possible
C:\Users\Burak\Shared\Nouveau dossier\ghetto moudjahidine.mp3 Trojan.Downloader.WMA.Wimad.N Aucune action possible
C:\Users\Burak\Incomplete\T-3545425-yildiz tilbe giderim 2008.mp3 Trojan.Downloader.WMA.Wimad.S Aucune action possible
C:\Users\Burak\Documents\LimeWire\Saved\kamelancien hakim.mp3 Trojan.Downloader.Wimad.A Aucune action possible
D:\Logiciel\Xilisoft 3GP Video Converter v3.1.28.rar=]Xilisoft 3GP Video Converter v3.1.28\Xilisoft Video Converter Keygen\Xilisoft Video Converter Keygen.exe Trojan.Generic.1198489 Échec de la suppression (fichier dans une archive)

Problèmes résolusNom de l'objet Nom de la menace État final
C:\Users\Burak\'\00jj99uuii66ddxxqqq.zip=]Crack.exe Trojan.Agent.AFSZ Supprimé
C:\Users\Burak\Shared\Nouveau dossier\02 Track 2.wma Trojan.Downloader.Wimad.H Déplacé(s) en quarantaine
C:\Users\Burak\Shared\Nouveau dossier\07 Track 7.wma Trojan.Downloader.Wimad.H Déplacé(s) en quarantaine

Objets non scannés :Nom de l'objet Raison État final
C:\Program Files\Nero\Nero8\Templates\Smart3D\Menus\16_9\AbstractCircle\abstractcircle_3ds.7z=]abstractcircle_title5.3ds Ultracompressé Pas analysé
C:\Program Files\Nero\Nero8\Templates\Smart3D\Menus\16_9\AbstractPipes\abstractpipes_3ds.7z=]abstractpipes_title3.3ds Ultracompressé Pas analysé
C:\Program Files\Nero\Nero8\Templates\Smart3D\Menus\16_9\Monitors\monitors_3ds.7z=]monitors_menu_to_sub3.3ds Ultracompressé Pas analysé
C:\Program Files\Nero\Nero8\Templates\Smart3D\Menus\4_3\AbstractCircle\abstractcircle_3ds.7z=]abstractcircle_title3.3ds Ultracompressé Pas analysé
C:\Program Files\Nero\Nero8\Templates\Smart3D\Menus\4_3\AbstractPipes\abstractpipes_3ds.7z=]abstractpipes_menu_to_sub4.3ds Ultracompressé Pas analysé
C:\Program Files\Nero\Nero8\Templates\Smart3D\Menus\4_3\Monitors\monitors_3ds.7z=]monitors_menu_to_sub3.3ds Ultracompressé Pas analysé

thanks again.
0
snipeurdor Posts 108 Status Member 2
 
you're welcome, it was a pleasure ^^
0
ilhanonur17 Posts 60 Registration date   Status Member Last activity   3
 
but the problem is that I still have 4 or 5 viruses that it could neither delete nor quarantine :(
0
snipeurdor Posts 108 Status Member 2
 
Download Rooter (IDN) to your desktop:

/|\ Disconnect from the Internet and close all running applications /|\

• Launch Rooter and let it run,

► Post the report (C:\ Rooter.txt).
______________________________________________________________

Download RSIT (by random/random) to your desktop.
• Double-click RSIT.exe,
• Click [Continue] on the "Disclaimer" screen,
• RSIT will download HijackThis (if it is not installed) -> accept the license,
>> the Log.txt report will open on screen..

► Post this report, also available in C:\RSIT\..
0
ilhanonur17 Posts 60 Registration date   Status Member Last activity   3
 
I did what you told me; here is the Rooter (IDN) report:

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows Vista Home Edition (6.0.6000)
[32_bits] - x86 Family 6 Model 15 Stepping 11, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Disabled !
Windows Defender -> Disabled !
User Account Control (UAC) -> Enabled
.
Internet Explorer 7.0.6000.16851
.
C:\ [Fixed-NTFS] .. ( Total:111 Go - Free:48 Go )
D:\ [Fixed-NTFS] .. ( Total:111 Go - Free:60 Go )
E:\ [CD_Rom]
F:\ [Removable]
G:\ [Removable]
H:\ [Removable]
I:\ [Removable]
J:\ [CD_Rom]
.
Scan : 06:57.58
Path : C:\Users\Burak\Desktop\Rooter.exe
User : Burak ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ \SystemRoot\System32\smss.exe (524)
______ C:\Windows\system32\csrss.exe (628)
______ C:\Windows\SYSTEM32\wininit.exe (684)
______ C:\Windows\system32\csrss.exe (696)
______ C:\Windows\system32\services.exe (728)
______ C:\Windows\system32\lsass.exe (740)
______ C:\Windows\system32\lsm.exe (748)
______ C:\Windows\system32\svchost.exe (896)
______ C:\Windows\system32\svchost.exe (956)
______ C:\Windows\system32\Ati2evxx.exe (1048)
______ C:\Windows\System32\svchost.exe (1064)
______ C:\Windows\System32\svchost.exe (1088)
______ C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (1100)
______ C:\Windows\SYSTEM32\winlogon.exe (1152)
______ C:\Windows\system32\svchost.exe (1172)
Locked audiodg.exe (1240)
______ C:\Windows\system32\SLsvc.exe (1268)
______ C:\Windows\system32\svchost.exe (1372)
______ C:\Windows\system32\svchost.exe (1388)
______ C:\Windows\System32\spoolsv.exe (1616)
______ C:\Windows\system32\svchost.exe (1640)
______ C:\Windows\system32\Dwm.exe (1744)
______ C:\Windows\Explorer.EXE (460)
______ C:\Windows\RtHDVCpl.exe (952)
______ C:\Acer\Empowering Technology\SysMonitor.exe (1924)
______ C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (1896)
______ C:\Program Files\Java\jre6\bin\jusched.exe (1356)
______ C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe (2052)
______ C:\Program Files\Logitech\QuickCam\Quickcam.exe (2072)
______ C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (2152)
Locked bdagent.exe (2228)
______ C:\Program Files\Windows Sidebar\sidebar.exe (2244)
______ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (2260)
______ C:\Program Files\Nero\Nero PhotoShow 4\data\Xtras\mssysmgr.exe (2320)
______ C:\Program Files\Windows Media Player\wmpnscfg.exe (2328)
______ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (2364)
______ C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe (2396)
______ C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE (2672)
______ C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (3032)
______ C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (3092)
______ C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (3540)
______ C:\Acer\Empowering Technology\ePerformance\MemCheck.exe (3560)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (3624)
______ C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (3852)
______ C:\Windows\system32\svchost.exe (3888)
______ C:\Windows\system32\svchost.exe (3904)
______ C:\Windows\System32\svchost.exe (4076)
______ C:\Windows\system32\SearchIndexer.exe (1864)
______ C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (1912)
______ C:\Windows\system32\WUDFHost.exe (2484)
______ C:\Windows\SYSTEM32\taskeng.exe (2516)
______ C:\Program Files\Windows Media Player\wmpnetwk.exe (1036)
______ C:\Windows\SYSTEM32\taskeng.exe (3372)
______ C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe (5984)
______ C:\Program Files\Internet Explorer\ieuser.exe (3968)
______ C:\ProgramData\Google\Google Toolbar\Update\gtb73FA.tmp.exe (3396)
Locked vsserv.exe (4316)
Locked livesrv.exe (5684)
______ C:\Windows\servicing\TrustedInstaller.exe (5560)
______ C:\Windows\system32\NOTEPAD.EXE (6880)
______ C:\Windows\system32\SearchProtocolHost.exe (7552)
______ C:\Windows\system32\SearchFilterHost.exe (7608)
______ C:\Windows\system32\wbem\wmiprvse.exe (3288)
______ C:\Windows\system32\DllHost.exe (6788)
______ C:\Windows\system32\DllHost.exe (1492)
______ C:\Users\Burak\Desktop\Rooter.exe (5968)
______ C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe (6708)
______ C:\Windows\system32\msiexec.exe (6628)
Locked wmplayer.exe (6792)
______ C:\Program Files\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C5C67DF5D46FB314.exe (7080)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:10481877504)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:10481909760 | Length:119930388480)
\Device\Harddisk0\Partition3 (Start_Offset:130412298240 | Length:119643955200)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\Norton Security Scan for Burak.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Windows\Tasks\User_Feed_Synchronization-{4924E8EB-421F-4CDA-B546-D8F2C5174362}.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
C:\Users\Burak\Favorites\http--www.itouchfrance.fr-tutoriels-tutoriel-comment-installer-des-applications-crackees-avec-le-firmware-30-de-lipod-touch-iphone-fichier-installd-776.url
==> Cracks & Keygens <==
.
----------------------\\ Scan completed at 06:58.11
.
C:\Rooter$\Rooter_1.txt - (13/09/2009 | 06:58.11).c

And here is the RSIT report:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Burak at 2009-09-13 06:55:30
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 49 GB (43%) free of 114 GB
Total RAM: 2047 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:55:39, on 13/09/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16851)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nero\Nero PhotoShow 4\data\Xtras\mssysmgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Burak\Desktop\RSIT.exe
C:\Program Files\trend micro\Burak.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
0