Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:54:59, on 06/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:Windowssystem32 askeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesWindows DefenderMSASCui.exe
C:WindowsRtHDVCpl.exe
C:AcerEmpowering TechnologySysMonitor.exe
C:AcerEmpowering TechnologyeDataSecurityx86eDSLoader.exe
C:WindowsSystem32
vraidservice.exe
C:WindowsSystem32
undll32.exe
C:WindowsVM_STI.EXE
C:Program FilesJavajre1.6.0_07injusched.exe
C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe
C:Windowsehomeehtray.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramackWeb-8876480.exe
C:WindowsSystem32
undll32.exe
C:Windowsehomeehmsas.exe
C:Windowssystem32wbemunsecapp.exe
C:AcerEmpowering TechnologyACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:AcerEmpowering TechnologyeRecoveryERAGENT.EXE
C:Program FilesMozilla Firefoxfirefox.exe
C:Windowssystem32conime.exe
C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe
C:Program FilesAviraAntiVir PersonalEdition Classicavcenter.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:WindowsSystem32
otepad.exe
C:Program FilesInternet ExplorerIEUser.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe
C:Windowssystem32MacromedFlashFlashUtil9f.exe
C:Windowssystem32WerFault.exe
C:Windowssystem32NOTEPAD.EXE
C:Windowssystem32SearchFilterHost.exe
C:Windowssystem32 askeng.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://google.atcomet.com/b/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://fr.fr.acer.yahoo.com
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.fr.acer.yahoo.com
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:Program FilesAskTBarSrchAstt1.binA5SRCHAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:Program FilesRealRealPlayer
pbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:Program FilesBitComet oolsBitCometBHO_1.2.8.7.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07inssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:AcerEmpowering TechnologyeDataSecurityx86ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:Program FilesAskTBarSrchAstt1.binA5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:Program FilesAskTBarar1.binASKTBAR.DLL
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:AcerEmpowering TechnologyeDataSecurityx86eDStoolbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:Program FilesAskTBarar1.binASKTBAR.DLL
O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:Users oto-neneteAppDataRoamingMozillaFirefoxProfileshkvkry7q.defaultextensions{0b457cAA-602d-484a-8fe7-c1d894a011ba}libraryfsaddin-0.60.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM..Run: [Acer Empowering Technology Monitor] C:AcerEmpowering TechnologySysMonitor.exe
O4 - HKLM..Run: [eDataSecurity Loader] C:AcerEmpowering TechnologyeDataSecurityx86eDSloader.exe
O4 - HKLM..Run: [PCMMediaSharing] C:Program FilesAcer Arcade LiveAcer HomeMedia ConnectKernelDMSPCMMediaSharing.exe
O4 - HKLM..Run: [WarReg_PopUp] C:AcerWR_PopUpWarReg_PopUp.exe
O4 - HKLM..Run: [NVRaidService] C:Windowssystem32
vraidservice.exe
O4 - HKLM..Run: [NBKeyScan] "C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe"
O4 - HKLM..Run: [Skytel] Skytel.exe
O4 - HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32
vsvc.dll,nvsvcStart
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [BigDogPath] C:WindowsVM_STI.EXE Cammaestro 4.2GU build 1105
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesMpcStarCodecsQuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_07injusched.exe"
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [avgnt] "C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe" /min
O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 - HKCU..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [BitComet] "C:Program FilesBitCometBitComet.exe" /tray
O4 - HKCU..Run: [Google Desktop Search] "C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe" /startup
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
O4 - HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe
O4 - HKCU..Run: [Speech Recognition] "C:WindowsSpeechCommonsapisvr.exe" -SpeechUX -Startup
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [Acer Tour Reminder] C:AcerAcerTourReminder.exe (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [Acer Tour Reminder] C:AcerAcerTourReminder.exe (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:Program FilesMSN Pictures DisplayerMSN Pictures Displayer.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O8 - Extra context menu item: &D&ownload &with BitComet -
res://C:Program FilesBitCometBitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet -
res://C:Program FilesBitCometBitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet -
res://C:Program FilesBitCometBitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJRE16~1.0_0inssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJRE16~1.0_0inssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -
res://C:Program FilesBitComet oolsBitCometBHO_1.2.8.7.dll/206 (file missing)
O13 - Gopher Prefix:
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:Program FilesAcer Arcade LiveAcer HomeMedia ConnectKernelDMSCLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:AcerEmpowering TechnologyePerformanceMemCheck.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe
O23 - Service: Boonty Games - Unknown owner - C:Program FilesCommon FilesBOONTY SharedServiceBoonty.exe (file missing)
O23 - Service: eDataSecurity Service - Egis Incorporated - C:AcerEmpowering TechnologyeDataSecurityx86eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:AcerEmpowering TechnologyeRecoveryeRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:AcerEmpowering TechnologyeSettingsServicecapuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:Program Filesma-config.commaconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 - Service: NMIndexingService - Nero AG - C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:Windowssystem32IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:Windowssystem32PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:Program FilesCyberLinkShared FilesRichVideo.exe
--
End of file - 12585 bytes