Aller au contenu

Mazayes

Membres
  • Compteur de contenus

    3
  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    français

Mazayes's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Bonsoir, j'ai suivi les tutos et je ne suis pas sur de moi merci d'avance pour votre aide le rapport AVSCAN et le hijack à la suite: AntiVir PersonalEdition Classic Report file date: lundi 4 décembre 2006 19:41 Scanning for 574425 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Session Computer name: AUBOULOT Version information: AVSCAN.EXE : 7.0.0.47 200744 21/08/2006 11:06:58 AVSCAN.DLL : 7.0.0.45 41000 07/09/2006 11:56:34 LUKE.DLL : 7.0.0.47 118824 07/09/2006 11:32:34 LUKERES.DLL : 7.0.0.47 9256 07/09/2006 11:56:34 ANTIVIR0.VDF : 6.35.0.1 7371264 31/05/2006 11:35:28 ANTIVIR1.VDF : 6.36.1.24 2212864 14/11/2006 18:13:42 ANTIVIR2.VDF : 6.36.1.113 221696 01/12/2006 18:13:42 ANTIVIR3.VDF : 6.36.1.126 73216 04/12/2006 18:13:42 AVEWIN32.DLL : 7.2.0.46 1925632 04/12/2006 18:13:42 AVPREF.DLL : 7.0.0.2 23592 24/07/2006 13:36:06 AVREP.DLL : 6.36.1.111 983080 04/12/2006 18:13:42 AVRPBASE.DLL : 7.0.0.0 2162728 30/03/2006 09:43:32 AVPACK32.DLL : 7.2.0.5 368680 04/12/2006 18:13:44 AVREG.DLL : 6.31.0.90 27688 28/07/2005 11:06:36 NETNT.DLL : 6.32.0.0 6696 27/09/2005 08:56:50 NETNW.DLL : 7.0.0.0 9768 24/07/2006 13:35:56 RCIMAGE.DLL : 7.0.0.74 1642536 01/08/2006 12:22:58 RCTEXT.DLL : 7.0.1.4 77864 04/12/2006 18:13:42 Configuration settings for the scan: Jobname.......................: Manual Selection Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp Boot sectors..................: C,D,E Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004,1005, Macro heuristic...............: 1 File heuristic................: 3 Primary action................: 1 Secondary action..............: 0 Start of the scan: lundi 4 décembre 2006 19:41 The scan of running processes will be started 4 Processes were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 44 files ). Starting the file scan: C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SYSTEM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SOFTWARE [WARNING] The file could not be opened! C:\WINDOWS\system32\config\DEFAULT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Session\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Session\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Session\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Session\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Session\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eRT.jar-27406485-337f00c0.zip [0] Archive type: ZIP --> HiPointInstallShieldRT.class [DETECTION] Is the Trojan horse TR/Java.Downloader.Gen [iNFO] The file was deleted! C:\SDFix\backups1\backups.zip [0] Archive type: ZIP --> backups/16exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/16exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/55exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/47exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/3exmodul32f.b.exe [DETECTION] Is the Trojan horse TR/Proxy.Ho.OR.51.B --> backups/7exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/49exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/53exmodul32f.b.exe [DETECTION] Is the Trojan horse TR/Proxy.Ho.OR.51.B --> backups/26exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/42exmodul32f.b.exe [DETECTION] Is the Trojan horse TR/Proxy.Ho.OR.51.B --> backups/39exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/81exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/69exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/94exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/61exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/82exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/65exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/6exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/20exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/56exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/17exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/79exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/59exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/14exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/69exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/51exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/29exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/90exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/5exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/96exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/96exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/1exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/54exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/7exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/41exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/92exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/44exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/4exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/82exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/59exhdd.m.exe [DETECTION] Is the Trojan horse TR/Dldr.Horst.EG.1 --> backups/74exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/34exssd32.q.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.KQ.9 --> backups/39exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/4exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ --> backups/38exmodul32f.c.exe [DETECTION] Is the Trojan horse TR/Proxy.Horst.PZ [WARNING] The file was ignored! The path E:\ could not be found! Le périphérique n'est pas prêt. End of the scan: lundi 4 décembre 2006 21:45 Used time: 2:04:01 min The scan has been done completely. 4499 Scanning directories 364676 Files were scanned 46 viruses and/or unwanted programs were found 1 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 8684 Archives were scanned 20 Warnings 44 Notes ----------------------------------------------------------------------------- --------------------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 22:09:22, on 04/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Acer\Acer Arcade\PCMService.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\ElkCtrl.exe C:\Program Files\Acer\OrbiCam\CameraAssistant.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\AGRSMMSG.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hijack\HijackThis.exe
  2. J'ai du mal à enlever ce truc Remote Packet Capture Protocol v.0 si vous voyez autre chose(surement )dites moi
  3. Bonjour! Aprés avoir scanné mon pc avec bit defender puis lancer smitfraufix, j'ai effectué un scan hijack. j'ai lu les tutos mais je n'arrive pas à bien nettoyer!Pourriez vous m'éclairer de vos lumières? Logfile of HijackThis v1.99.1 Scan saved at 18:47:05, on 04/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Acer\Acer Arcade\PCMService.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\ElkCtrl.exe C:\Program Files\Acer\OrbiCam\CameraAssistant.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\AGRSMMSG.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\WINDOWS\system32\ctfmon.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows NT\Accessoires\wordpad.exe C:\Documents and Settings\Session\Bureau\HijackThis.exe C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe" O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [imageItEncrypt] C:\WINDOWS\system32\ImageItEncrypt.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1 O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bDNewsAgent] C:\Program Files\Softwin\BitDefender Free Edition\bdnagent.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Acer Empowering Technology.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1160687885750 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1162240846421 O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
×
×
  • Créer...