Win32:Trojan-gen {Other}
Solved
fanfan90
Hello everyone,
I have a virus that Avast cannot remove. Every time I open Internet Explorer, Avast tells me that the file C:\Users\utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FP20OJVV\77[1].exe is a virus. The name of the virus is Win32:Trojan-gen {Other}.
I have tried practically everything to remove it and I can't manage it. Could someone help me, please?
I am posting the HijackThis report.
Thank you very much in advance.
I am running Vista.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:39:05, on 19/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Acer Arcade Deluxe\TV Joy\TVEService.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Users\UTILIS~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: D - {5AC36E44-814B-3614-82FE-26891ED16B53} - C:\Windows\KB728664.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TVEService] "C:\Program Files\Acer Arcade Deluxe\TV Joy\TVEService.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Programmes\Sonic ericsson\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [MSPService] C:\Program Files\Acer Arcade Deluxe\SportsCap\Kernel\MagicSports\MSPMirage.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CloneCDTray] "E:\Programmes\clone cd\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\UTILIS~1\AppData\Local\Temp\pmnkICrP.dll,#1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Gestionnaire Internet.lnk = C:\Program Files\OrangeHSS\Launcher\Launcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - https://login.orange.fr/captcha?return_url=https%3A%2F%2Fmescontacts.orange.fr
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/3462/defaults/activex/ips/IPSUploader4.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
3 replies
Download this: https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/12884.html
and run a scan.
Then try this one: https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/11643.html
The report is below.
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.1.2538. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 20:36:22 19 août 2008
Using Database v7106
Operating System: Windows Vista SP1 [Windows Vista Service Pack 1 (Build 6001)]
Edition: Windows Vista (TM) Home Premium
File System: NTFS
User Account Control is Enabled.
Data directory: C:\Users\utilisateur\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\utilisateur\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Microsoft Windows Defender
Avast! Antivirus
************************************************************
************************************************************
20:36:22: Scanning ----------WIN.INI-----------
WIN.INI found in C:\Windows
************************************************************
20:36:22: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\Windows
************************************************************
20:36:22: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
************************************************************
20:36:24: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: explorer.exe
C:\Windows\explorer.exe
2927104 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
25088 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: Windows Defender
Value Data: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
C:\Program Files\Windows Defender\MSASCui.exe
1008184 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
--------------------
Value Name: RtHDVCpl
Value Data: RtHDVCpl.exe
C:\Windows\RtHDVCpl.exe
4468736 bytes
Created: 26/07/2007
Modified: 10/05/2007
Company: Realtek Semiconductor
--------------------
Value Name: SynTPEnh
Value Data: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
833072 bytes
Created: 26/07/2007
Modified: 04/06/2007
Company: Synaptics, Inc.
--------------------
Value Name: eAudio
Value Data: "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
C:\Acer\Empowering Technology\eAudio\eAudio.exe
1286144 bytes
Created: 26/07/2007
Modified: 11/06/2007
Company: CyberLink
--------------------
Value Name: eDataSecurity Loader
Value Data: C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
457216 bytes
Created: 25/04/2007
Modified: 25/04/2007
Company: HiTRUST
--------------------
Value Name: Acer Tour
Value Data:
Blank entry: []
--------------------
Value Name: PLFSet
Value Data: rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
C:\Windows\PLFSet.dll
45056 bytes
Created: 26/07/2007
Modified: 24/04/2007
Company:
--------------------
Value Name: LManager
Value Data: C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
784904 bytes
Created: 26/07/2007
Modified: 28/06/2007
Company: Dritek System Inc.
--------------------
Value Name: eRecoveryService
Value Data:
Blank entry: []
--------------------
Value Name: Acer Tour Reminder
Value Data: C:\Acer\AcerTour\Reminder.exe
C:\Acer\AcerTour\Reminder.exe
151552 bytes
Created: 26/07/2007
Modified: 22/05/2007
Company: Acer Inc.
--------------------
Value Name: WarReg_PopUp
Value Data: C:\Acer\WR_PopUp\WarReg_PopUp.exe
C:\Acer\WR_PopUp\WarReg_PopUp.exe
57344 bytes
Created: 18/12/2007
Modified: 05/11/2006
Company: Acer Inc.
--------------------
Value Name: IAAnotif
Value Data: C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
174872 bytes
Created: 18/12/2007
Modified: 08/05/2007
Company: Intel Corporation
--------------------
Value Name: avast!
Value Data: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
78008 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
--------------------
Value Name: SunJavaUpdateSched
Value Data: "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
144784 bytes
Created: 13/07/2008
Modified: 10/06/2008
Company: Sun Microsystems, Inc.
--------------------
Value Name: TVEService
Value Data: "C:\Program Files\Acer Arcade Deluxe\TV Joy\TVEService.exe"
C:\Program Files\Acer Arcade Deluxe\TV Joy\TVEService.exe
151552 bytes
Created: 06/11/2007
Modified: 01/06/2007
Company: CyberLink Corp.
--------------------
Value Name: Sony Ericsson PC Suite
Value Data: "D:\Programmes\Sonic ericsson\Application Launcher\Application Launcher.exe" /startoptions
D:\Programmes\Sonic ericsson\Application Launcher\Application Launcher.exe
-R- 528384 bytes
Created: 13/06/2007
Modified: 13/06/2007
Company:
--------------------
Value Name: PlayMovie
Value Data: "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
206952 bytes
Created: 06/11/2007
Modified: 24/05/2007
Company: CyberLink Corp.
--------------------
Value Name: MSPService
Value Data: C:\Program Files\Acer Arcade Deluxe\SportsCap\Kernel\MagicSports\MSPMirage.exe
C:\Program Files\Acer Arcade Deluxe\SportsCap\Kernel\MagicSports\MSPMirage.exe
102400 bytes
Created: 06/11/2007
Modified: 13/02/2007
Company:
--------------------
Value Name: NeroFilterCheck
Value Data: C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
153136 bytes
Created: 01/03/2007
Modified: 01/03/2007
Company: Nero AG
--------------------
Value Name: NBKeyScan
Value Data: "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
1828136 bytes
Created: 08/08/2007
Modified: 08/08/2007
Company: Nero AG
--------------------
Value Name: CmUsbSound
Value Data: RunDll32 cmcnfgu.cpl,CMICtrlWnd
cmcnfgu.cpl [file not found to scan]
--------------------
Value Name: Google Desktop Search
Value Data: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1836544 bytes
Created: 21/03/2008
Modified: 21/03/2008
Company: Google
--------------------
Value Name: CloneCDTray
Value Data: "E:\Programmes\clone cd\CloneCD\CloneCDTray.exe" /s
E:\Programmes\clone cd\CloneCD\CloneCDTray.exe
57344 bytes
Created: 28/09/2006
Modified: 28/09/2006
Company: SlySoft, Inc.
--------------------
Value Name: Skytel
Value Data: Skytel.exe
C:\Windows\Skytel.exe
1826816 bytes
Created: 26/07/2007
Modified: 07/05/2007
Company: Realtek Semiconductor Corp.
--------------------
Value Name: NvSvc
Value Data: RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
C:\Windows\system32\nvsvc.dll
86016 bytes
Created: 26/07/2007
Modified: 06/06/2007
Company: NVIDIA Corporation
--------------------
Value Name: NvCplDaemon
Value Data: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
C:\Windows\system32\NvCpl.dll
8433664 bytes
Created: 26/07/2007
Modified: 06/06/2007
Company: NVIDIA Corporation
--------------------
Value Name: NvMediaCenter
Value Data: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
C:\Windows\system32\NvMcTray.dll
81920 bytes
Created: 26/07/2007
Modified: 06/06/2007
Company: NVIDIA Corporation
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
909904 bytes
Created: 19/08/2008
Modified: 30/07/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: Sidebar
Value Data: C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
1233920 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
--------------------
Value Name: Acer Tour Reminder
Value Data: C:\Acer\AcerTour\Reminder.exe
C:\Acer\AcerTour\Reminder.exe
151552 bytes
Created: 26/07/2007
Modified: 22/05/2007
Company: Acer Inc.
--------------------
Value Name: ehTray.exe
Value Data: C:\Windows\ehome\ehTray.exe
C:\Windows\ehome\ehTray.exe
125952 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 19/12/2007
Modified: 19/12/2007
Company: Google Inc.
--------------------
Value Name: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
Value Data: "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
202024 bytes
Created: 03/08/2007
Modified: 03/08/2007
Company: Nero AG
--------------------
Value Name: MSServer
Value Data: rundll32.exe C:\Users\UTILIS~1\AppData\Local\Temp\pmnkICrP.dll,#1
C:\Users\UTILIS~1\AppData\Local\Temp\pmnkICrP.dll [file not found to scan]
--------------------
Value Name: WMPNSCFG
Value Data: C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
202240 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
--------------------
Value Name: SpybotSD TeaTimer
Value Data: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - this entry is globally excluded
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
20:36:27: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty
************************************************************
20:36:27: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
************************************************************
20:36:27: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\system32\Aurora.scr
C:\Windows\system32\Aurora.scr
1370624 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
--------------------
************************************************************
20:36:27: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
************************************************************
20:36:28: Scanning ----- SERVICEDLL REGISTRY KEYS -----
************************************************************
20:36:31: Scanning ----- SERVICES REGISTRY KEYS -----
Key: a2free
ImagePath: "C:\Program Files\a-squared Free\a2service.exe"
C:\Program Files\a-squared Free\a2service.exe
380536 bytes
Created: 18/08/2008
Modified: 31/07/2008
Company: Emsi Software GmbH
----------
Key: A310
ImagePath: system32\DRIVERS\AVerA310USB.sys
C:\Windows\system32\DRIVERS\AVerA310USB.sys
26496 bytes
Created: 06/11/2007
Modified: 19/08/2007
Company: AVerMedia TECHNOLOGIES, Inc.
----------
Key: ALaunchService
ImagePath: C:\Acer\ALaunch\ALaunchSvc.exe
C:\Acer\ALaunch\ALaunchSvc.exe
50688 bytes
Created: 26/07/2007
Modified: 26/01/2007
Company:
----------
Key: aswFsBlk
ImagePath: system32\DRIVERS\aswFsBlk.sys
C:\Windows\system32\DRIVERS\aswFsBlk.sys
20560 bytes
Created: 30/03/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: aswMonFlt
ImagePath: system32\DRIVERS\aswMonFlt.sys
C:\Windows\system32\DRIVERS\aswMonFlt.sys
51280 bytes
Created: 19/12/2007
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
16056 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
147640 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
250040 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
348344 bytes
Created: 16/05/2008
Modified: 23/07/2008
Company: ALWIL Software
----------
Key: AX88772
ImagePath: system32\DRIVERS\ax88772.sys
C:\Windows\system32\DRIVERS\ax88772.sys
17920 bytes
Created: 08/03/2008
Modified: 27/05/2005
Company: ASIX Electronics Corp.
----------
Key: b57nd60x
ImagePath: system32\DRIVERS\b57nd60x.sys
C:\Windows\system32\DRIVERS\b57nd60x.sys
179712 bytes
Created: 08/02/2007
Modified: 08/02/2007
Company: Broadcom Corporation
----------
Key: BDASwCap
ImagePath: system32\drivers\AVerA310Cap.sys
C:\Windows\system32\drivers\AVerA310Cap.sys
42496 bytes
Created: 06/11/2007
Modified: 19/08/2007
Company: AVerMedia TECHNOLOGIES, Inc.
----------
Key: blbdrive
ImagePath: \SystemRoot\system32\drivers\blbdrive.sys - file is missing - alert is globally excluded
----------
Key: circlass
ImagePath: system32\DRIVERS\circlass.sys
C:\Windows\system32\DRIVERS\circlass.sys
35328 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
----------
Key: CLTNetCnService
ImagePath: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [file not found to scan]
----------
Key: cmudau
ImagePath: system32\drivers\cmudaxu.sys
C:\Windows\system32\drivers\cmudaxu.sys
1390656 bytes
Created: 08/03/2008
Modified: 20/07/2005
Company: C-Media Inc
----------
Key: DKbFltr
ImagePath: system32\DRIVERS\DKbFltr.sys
C:\Windows\system32\DRIVERS\DKbFltr.sys
21264 bytes
Created: 26/07/2007
Modified: 02/11/2006
Company: Dritek System Inc.
----------
Key: DritekPortIO
ImagePath: \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys
C:\PROGRA~1\LAUNCH~1\DPortIO.sys
20112 bytes
Created: 26/07/2007
Modified: 02/11/2006
Company: Dritek System Inc.
----------
Key: eDataSecurity Service
ImagePath: "C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe"
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
457512 bytes
Created: 25/04/2007
Modified: 25/04/2007
Company: HiTRSUT
----------
Key: ElbyCDFL
ImagePath: System32\Drivers\ElbyCDFL.sys
C:\Windows\System32\Drivers\ElbyCDFL.sys
34760 bytes
Created: 16/02/2007
Modified: 16/02/2007
Company: SlySoft, Inc.
----------
Key: ElbyCDIO
ImagePath: System32\Drivers\ElbyCDIO.sys
C:\Windows\System32\Drivers\ElbyCDIO.sys
25160 bytes
Created: 07/08/2007
Modified: 07/08/2007
Company: Elaborate Bytes AG
----------
Key: eLockService
ImagePath: C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
24576 bytes
Created: 26/07/2007
Modified: 23/04/2007
Company: Acer Inc.
----------
Key: eNet Service
ImagePath: C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
-R- 135168 bytes
Created: 27/07/2007
Modified: 13/06/2007
Company: Acer Inc.
----------
Key: eRecoveryService
ImagePath: C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
53248 bytes
Created: 06/11/2007
Modified: 03/07/2007
Company: Acer Inc.
----------
Key: eSettingsService
ImagePath: C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
24576 bytes
Created: 26/07/2007
Modified: 28/06/2007
Company:
----------
Key: GoogleDesktopManager
ImagePath: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1836544 bytes
Created: 21/03/2008
Modified: 21/03/2008
Company: Google
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138680 bytes
Created: 19/12/2007
Modified: 19/12/2007
Company: Google
----------
Key: HidIr
ImagePath: system32\DRIVERS\hidir.sys
C:\Windows\system32\DRIVERS\hidir.sys
21504 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
----------
Key: HSFHWAZL
ImagePath: system32\DRIVERS\VSTAZL3.SYS
C:\Windows\system32\DRIVERS\VSTAZL3.SYS
200704 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Conexant Systems, Inc.
----------
Key: HSXHWAZL
ImagePath: system32\DRIVERS\HSXHWAZL.sys
C:\Windows\system32\DRIVERS\HSXHWAZL.sys
207360 bytes
Created: 26/07/2007
Modified: 22/12/2006
Company: Conexant Systems, Inc.
----------
Key: IAANTMON
ImagePath: C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
355096 bytes
Created: 18/12/2007
Modified: 08/05/2007
Company: Intel Corporation
----------
Key: iaStor
ImagePath: system32\DRIVERS\iaStor.sys
C:\Windows\system32\DRIVERS\iaStor.sys
277784 bytes
Created: 26/07/2007
Modified: 12/02/2007
Company: Intel Corporation
----------
Key: IKFileSec
ImagePath: \SystemRoot\system32\drivers\ikfilesec.sys
C:\Windows\system32\drivers\ikfilesec.sys
42376 bytes
Created: 21/03/2008
Modified: 01/02/2008
Company: PCTools Research Pty Ltd.
----------
Key: IKSysFlt
ImagePath: system32\drivers\iksysflt.sys
C:\Windows\system32\drivers\iksysflt.sys
66952 bytes
Created: 21/03/2008
Modified: 10/12/2007
Company: PCTools Research Pty Ltd.
----------
Key: IKSysSec
ImagePath: system32\drivers\iksyssec.sys
C:\Windows\system32\drivers\iksyssec.sys
81288 bytes
Created: 21/03/2008
Modified: 10/12/2007
Company: PCTools Research Pty Ltd.
----------
Key: int15
ImagePath: \??\C:\Acer\Empowering Technology\eRecovery\int15.sys
C:\Acer\Empowering Technology\eRecovery\int15.sys
76584 bytes
Created: 06/11/2007
Modified: 07/12/2006
Company:
----------
Key: IpInIp
ImagePath: system32\DRIVERS\ipinip.sys - file is missing - alert is globally excluded
----------
Key: itecir
ImagePath: system32\DRIVERS\itecir.sys
C:\Windows\system32\DRIVERS\itecir.sys
49664 bytes
Created: 26/07/2007
Modified: 20/06/2007
Company: Windows (R) Codename Longhorn DDK provider
----------
Key: MobilityService
ImagePath: C:\Acer\Mobility Center\MobilityService.exe -p
C:\Acer\Mobility Center\MobilityService.exe
107008 bytes
Created: 26/07/2007
Modified: 24/11/2006
Company:
----------
Key: msahci
ImagePath: system32\drivers\msahci.sys
C:\Windows\system32\drivers\msahci.sys
25784 bytes
Created: 26/07/2007
Modified: 26/07/2007
Company: Microsoft Corporation
----------
Key: msiserver
ImagePath: %systemroot%\system32\msiexec /V
----------
Key: Nero BackItUp Scheduler 3
ImagePath: C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
836904 bytes
Created: 08/08/2007
Modified: 08/08/2007
Company: Nero AG
----------
Key: NETw4v32
ImagePath: system32\DRIVERS\NETw4v32.sys
C:\Windows\system32\DRIVERS\NETw4v32.sys
2222080 bytes
Created: 26/07/2007
Modified: 20/06/2007
Company: Intel Corporation
----------
Key: NMIndexingService
ImagePath: "C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe"
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
382248 bytes
Created: 03/08/2007
Modified: 03/08/2007
Company: Nero AG
----------
Key: NTIDrvr
ImagePath: system32\DRIVERS\NTIDrvr.sys
C:\Windows\system32\DRIVERS\NTIDrvr.sys
6144 bytes
Created: 26/07/2007
Modified: 26/07/2007
Company: NewTech Infosystems, Inc.
----------
Key: NwlnkFlt
ImagePath: system32\DRIVERS\nwlnkflt.sys - file is missing - alert is globally excluded
----------
Key: NwlnkFwd
ImagePath: system32\DRIVERS\nwlnkfwd.sys - file is missing - alert is globally excluded
----------
Key: PCAMp50
ImagePath: System32\Drivers\PCAMp50.sys
C:\Windows\System32\Drivers\PCAMp50.sys
28224 bytes
Created: 19/12/2007
Modified: 28/11/2006
Company: Printing Communications Assoc., Inc. (PCAUSA)
----------
Key: PCASp50
ImagePath: System32\Drivers\PCASp50.sys
C:\Windows\System32\Drivers\PCASp50.sys
27072 bytes
Created: 19/12/2007
Modified: 28/11/2006
Company: Printing Communications Assoc., Inc. (PCAUSA)
----------
Key: PSDFilter
ImagePath: system32\DRIVERS\psdfilter.sys
C:\Windows\system32\DRIVERS\psdfilter.sys
20776 bytes
Created: 25/04/2007
Modified: 25/04/2007
Company: HiTRUST
----------
Key: PSDNServ
ImagePath: system32\drivers\PSDNServ.sys
C:\Windows\system32\drivers\PSDNServ.sys
16680 bytes
Created: 25/04/2007
Modified: 25/04/2007
Company: HiTRUST
----------
Key: psdvdisk
ImagePath: system32\drivers\psdvdisk.sys
C:\Windows\system32\drivers\psdvdisk.sys
60712 bytes
Created: 25/04/2007
Modified: 25/04/2007
Company: HiTRUST
----------
Key: RichVideo
ImagePath: "C:\Program Files\CyberLink\Shared Files\RichVideo.exe"
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
266343 bytes
Created: 26/07/2007
Modified: 23/01/2007
Company:
----------
Key: s115bus
ImagePath: system32\DRIVERS\s115bus.sys
C:\Windows\system32\DRIVERS\s115bus.sys
83208 bytes
Created: 06/01/2008
Modified: 23/04/2007
Company: MCCI Corporation
----------
Key: s115mdfl
ImagePath: system32\DRIVERS\s115mdfl.sys
C:\Windows\system32\DRIVERS\s115mdfl.sys
15112 bytes
Created: 06/01/2008
Modified: 23/04/2007
Company: MCCI Corporation
----------
Key: s115mdm
ImagePath: system32\DRIVERS\s115mdm.sys
C:\Windows\system32\DRIVERS\s115mdm.sys
108680 bytes
Created: 06/01/2008
Modified: 23/04/2007
Company: MCCI Corporation
----------
Key: s115mgmt
ImagePath: system32\DRIVERS\s115mgmt.sys
C:\Windows\system32\DRIVERS\s115mgmt.sys
100488 bytes
Created: 06/01/2008
Modified: 23/04/2007
Company: MCCI Corporation
----------
Key: s115obex
ImagePath: system32\DRIVERS\s115obex.sys
C:\Windows\system32\DRIVERS\s115obex.sys
98568 bytes
Created: 06/01/2008
Modified: 23/04/2007
Company: MCCI Corporation
----------
Key: s116bus
ImagePath: system32\DRIVERS\s116bus.sys
C:\Windows\system32\DRIVERS\s116bus.sys
83336 bytes
Created: 06/01/2008
Modified: 03/04/2007
Company: MCCI Corporation
----------
Key: s116mdfl
ImagePath: system32\DRIVERS\s116mdfl.sys
C:\Windows\system32\DRIVERS\s116mdfl.sys
15112 bytes
Created: 06/01/2008
Modified: 03/04/2007
Company: MCCI Corporation
----------
Key: s116mdm
ImagePath: system32\DRIVERS\s116mdm.sys
C:\Windows\system32\DRIVERS\s116mdm.sys
108680 bytes
Created: 06/01/2008
Modified: 03/04/2007
Company: MCCI Corporation
----------
Key: s116mgmt
ImagePath: system32\DRIVERS\s116mgmt.sys
C:\Windows\system32\DRIVERS\s116mgmt.sys
100488 bytes
Created: 06/01/2008
Modified: 03/04/2007
Company: MCCI Corporation
----------
Key: s116nd5
ImagePath: system32\DRIVERS\s116nd5.sys
C:\Windows\system32\DRIVERS\s116nd5.sys
23176 bytes
Created: 06/01/2008
Modified: 03/04/2007
Company: MCCI Corporation
----------
Key: s116obex
ImagePath: system32\DRIVERS\s116obex.sys
C:\Windows\system32\DRIVERS\s116obex.sys
98696 bytes
Created: 06/01/2008
Modified: 03/04/2007
Company: MCCI Corporation
----------
Key: s116unic
ImagePath: system32\DRIVERS\s116unic.sys
C:\Windows\system32\DRIVERS\s116unic.sys
99080 bytes
Created: 06/01/2008
Modified: 03/04/2007
Company: MCCI Corporation
----------
Key: sdAuxService
ImagePath: C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
747912 bytes
Created: 21/03/2008
Modified: 01/02/2008
Company: PC Tools
----------
Key: sdCoreService
ImagePath: C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
948616 bytes
Created: 21/03/2008
Modified: 01/02/2008
Company: PC Tools
----------
Key: Ser2pl
ImagePath: system32\DRIVERS\ser2pl.sys
C:\Windows\system32\DRIVERS\ser2pl.sys
42752 bytes
Created: 08/03/2008
Modified: 28/06/2004
Company: Prolific Technology Inc.
----------
Key: SNP2UVC
ImagePath: system32\DRIVERS\snp2uvc.sys
C:\Windows\system32\DRIVERS\snp2uvc.sys
1729152 bytes
Created: 26/07/2007
Modified: 07/02/2007
Company:
----------
Key: sptd
ImagePath: System32\Drivers\sptd.sys - this file is globally excluded
----------
Key: SynTP
ImagePath: system32\DRIVERS\SynTP.sys
C:\Windows\system32\DRIVERS\SynTP.sys
181432 bytes
Created: 26/07/2007
Modified: 04/06/2007
Company: Synaptics, Inc.
----------
Key: tifm21
ImagePath: system32\drivers\tifm21.sys
C:\Windows\system32\drivers\tifm21.sys
290816 bytes
Created: 26/07/2007
Modified: 01/05/2007
Company: Texas Instruments
----------
Key: TVECapSvc
ImagePath: "C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe"
C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe
286820 bytes
Created: 06/11/2007
Modified: 01/06/2007
Company:
----------
Key: TVESched
ImagePath: "C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe"
C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe
110682 bytes
Created: 06/11/2007
Modified: 01/06/2007
Company:
----------
Key: UIUSys
ImagePath: system32\DRIVERS\UIUSYS.SYS
C:\Windows\system32\DRIVERS\UIUSYS.SYS [file not found to scan]
----------
Key: usnjsvc
ImagePath: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
C:\Program Files\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18/10/2007
Modified: 18/10/2007
Company: Microsoft Corporation
----------
Key: WLSetupSvc
ImagePath: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25/10/2007
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: WMIService
ImagePath: C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
167936 bytes
Created: 26/07/2007
Modified: 13/06/2007
Company: acer
----------
Key: xnacc
ImagePath: system32\DRIVERS\xnacc.sys
C:\Windows\system32\DRIVERS\xnacc.sys
521216 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
----------
Key: {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}
ImagePath: \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
13560 bytes
Created: 06/11/2007
Modified: 02/11/2006
Company: Cyberlink Corp.
----------
************************************************************
20:36:40: Scanning -----VXD ENTRIES-----
Checking the following VxD entries:
************************************************************
20:36:40: Scanning ----- WINLOGON\NOTIFY DLLS -----
No WINLOGON\NOTIFY DLLs found to scan
************************************************************
20:36:40: Scanning ----- CONTEXTMENUHANDLERS -----
Key: 7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path: C:\Program Files\7-Zip\7-zip.dll
C:\Program Files\7-Zip\7-zip.dll
71168 bytes
Created: 13/08/2008
Modified: 13/08/2008
Company: Igor Pavlov
----------
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
73912 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: Cover Designer
CLSID: {73FCA462-9BD5-4065-A73F-A8E5F6904EF7}
Path: C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
2102568 bytes
Created: 04/08/2007
Modified: 04/08/2007
Company: Nero AG
----------
Key: EDSshellExt
CLSID: {29FF7AB0-BE34-4992-A30B-53A9D86EE239}
Path: C:\Windows\system32\eDSshellExt.dll
C:\Windows\system32\eDSshellExt.dll
315392 bytes
Created: 25/04/2007
Modified: 25/04/2007
Company: HiTRUST
----------
Key: {100BD527-7304-4b7f-BEE2-26D97B04EBA4}
Path: C:\Program Files\Nero\Nero8\Nero BackItUp\NBShell.dll
C:\Program Files\Nero\Nero8\Nero BackItUp\NBShell.dll
255272 bytes
Created: 08/08/2007
Modified: 08/08/2007
Company: Nero AG
----------
************************************************************
20:36:41: Scanning ----- FOLDER\COLUMNHANDLERS -----
Key: {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
File: "C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll"
C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
339968 bytes
Created: 21/01/2008
Modified: 21/01/2008
Company: Sun Microsystems, Inc.
----------
************************************************************
20:36:41: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
62080 bytes
Created: 23/10/2006
Modified: 23/10/2006
Company: Adobe Systems Incorporated
----------
Key: {53707962-6F74-2D53-2644-206D7942484F}
BHO: C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
1562448 bytes
Created: 18/08/2008
Modified: 07/07/2008
Company: Safer Networking Limited
----------
Key: {5AC36E44-814B-3614-82FE-26891ED16B53}
BHO: C:\Windows\KB728664.dll
C:\Windows\KB728664.dll
126976 bytes
Created: 16/08/2008
Modified: 16/08/2008
Company: Microsoft Corporation
----------
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
509328 bytes
Created: 13/07/2008
Modified: 10/06/2008
Company: Sun Microsystems, Inc.
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar1.dll
c:\program files\google\googletoolbar1.dll
-R- 2436160 bytes
Created: 19/12/2007
Modified: 19/12/2007
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
654320 bytes
Created: 19/12/2007
Modified: 19/12/2007
Company: Google Inc.
----------
************************************************************
20:36:41: Scanning ----- SHELLSERVICEOBJECTS -----
************************************************************
20:36:41: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
************************************************************
20:36:41: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
************************************************************
20:36:41: Scanning ----- APPINIT_DLLS -----
AppInitDLLs entry = [C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL]
File: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
145408 bytes
Created: 21/03/2008
Modified: 21/03/2008
Company: Google
----------
************************************************************
20:36:41: Scanning ----- SECURITY PROVIDER DLLS -----
************************************************************
20:36:41: Scanning ------ USER STARTUP GROUPS ------
Checking Startup Group for All Users
[C:\Windows\Profiles\All Users\Start Menu\Programs\StartUp]
No Startup files for All Users were located to check
************************************************************
20:36:41: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
110592 bytes
Created: 07/01/2008
Modified: 24/08/2000
Company: Adobe Systems, Inc.
Adobe Gamma Loader.lnk - links to C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
--------------------
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 02/11/2006
Modified: 27/06/2008
Company:
--------------------
C:\Acer\Empowering Technology\eAPLauncher.exe
535336 bytes
Created: 26/07/2007
Modified: 14/04/2007
Company: Acer Inc.
Empowering Technology Launcher.lnk - links to C:\Acer\Empowering Technology\eAPLauncher.exe
--------------------
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
125624 bytes
Created: 19/12/2007
Modified: 22/05/2008
Company: Google
Outil de mise à jour Google.lnk - links to C:\Program Files\Google\Google Updater\GoogleUpdater.exe
--------------------
************************************************************
20:36:42: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: utilisateur
[C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 18/12/2007
Modified: 19/12/2007
Company:
----------
Gestionnaire Internet.lnk - links to C:\Program Files\OrangeHSS\Launcher\Launcher.exe [file not found to scan]
----------
--------------------
************************************************************
20:37:35: Scanning ----- SCHEDULED TASKS -----
Taskname: User_Feed_Synchronization-{015976D3-C050-4E66-AE23-0DE0D97F33BA}.job
File: C:\Windows\system32\msfeedssync.exe
C:\Windows\system32\msfeedssync.exe
12800 bytes
Created: 18/06/2008
Modified: 19/01/2008
Company: Microsoft Corporation
Parameters: sync
Next Run Time: 20/08/2008 20:32:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: utilisateur
Comments: Updates out-of-date system feeds.
----------
************************************************************
20:37:36: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
No ShellIconOverlayIdentifiers Registry key found to scan
************************************************************
20:37:36: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Windows\Web\Wallpaper\Acer01.jpg
C:\Windows\Web\Wallpaper\Acer01.jpg
755045 bytes
Created: 26/07/2007
Modified: 29/03/2007
Company:
----------
Web Desktop Wallpaper: %SystemRoot%\Web\Wallpaper\Acer01.jpg
C:\Windows\Web\Wallpaper\Acer01.jpg
755045 bytes
Created: 26/07/2007
Modified: 29/03/2007
Company:
----------
Additional checks completed
************************************************************
20:37:36: Scanning ----- RUNNING PROCESSES -----
C:\Windows\System32\smss.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\wininit.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\services.exe
--------------------
C:\Windows\system32\lsass.exe
--------------------
C:\Windows\system32\lsm.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\winlogon.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\SLsvc.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashServ.exe
--------------------
C:\Windows\System32\spoolsv.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\a-squared Free\a2service.exe
--------------------
C:\Acer\ALaunch\ALaunchSvc.exe
--------------------
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
--------------------
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
--------------------
C:\Acer\Empowering Technology\eNet\eNet Service.exe
--------------------
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--------------------
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
--------------------
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
--------------------
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
--------------------
C:\Acer\Mobility Center\MobilityService.exe
--------------------
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\SearchIndexer.exe
--------------------
C:\Windows\system32\DRIVERS\xaudio.exe
--------------------
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
--------------------
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
--------------------
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
--------------------
C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe
--------------------
C:\Windows\system32\wbem\wmiprvse.exe
--------------------
C:\Windows\system32\wbem\wmiprvse.exe
--------------------
C:\Windows\system32\wbem\unsecapp.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
--------------------
C:\Windows\system32\Dwm.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Program Files\Windows Defender\MSASCui.exe
--------------------
C:\Windows\RtHDVCpl.exe
--------------------
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
--------------------
C:\Acer\Empowering Technology\eAudio\eAudio.exe
--------------------
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
--------------------
C:\Program Files\Launch Manager\LManager.exe
--------------------
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
--------------------
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
--------------------
C:\Program Files\Acer Arcade Deluxe\TV Joy\TVEService.exe
--------------------
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\Windows Sidebar\sidebar.exe
--------------------
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
--------------------
C:\Program Files\Windows Media Player\wmpnscfg.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
--------------------
C:\Program Files\Windows Media Player\wmpnetwk.exe
--------------------
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
--------------------
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
--------------------
C:\Users\UTILIS~1\AppData\Local\Temp\RtkBtMnt.exe
--------------------
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
--------------------
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
--------------------
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
--------------------
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Windows\system32\wbem\unsecapp.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Program Files\Windows Live\Messenger\usnsvc.exe
--------------------
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Windows\system32\conime.exe
--------------------
C:\Windows\system32\Taskmgr.exe
--------------------
C:\Windows\explorer.exe
--------------------
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
--------------------
C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize: 2540096
[This is a Trojan Remover component]
--------------------
--------------------
************************************************************
20:37:42: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://fr.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://fr.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.google.fr/?gws_rd=ssl
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 20:37:42 19 août 2008
************************************************************