Runscanner logfile http://www.runscanner.net
* = signed file
- = file not found

000 General info
----------------
Computer name : VINCENTETANSOFI
Creation time : 02/12/2008 14:27:22
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 7.0.6001.18000
OS : Windows Vista (TM) Home Premium
OS Build : 6001
OS SP : Service Pack 1
RunScanner Version : 1.6.1.0
User Language : Français (France)
User rights : Administrator
Windows folder : C:\Windows

001 Running processes
---------------------
* c:\windows\system32\driverstore\filerepository\stwrt.inf_030ac640\aestsrv.exe (Andrea Electronics Corporation)
* c:\windows\system32\wininit.exe (Microsoft Corporation)
* c:\windows\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\sminst\blservice.exe
* c:\windows\system32\spoolsv.exe (Microsoft Corporation)
* c:\windows\system32\services.exe (Microsoft Corporation)
c:\program files\bitdefender\bitdefender 2009\bdagent.exe (BitDefender S.R.L.)
c:\program files\bitdefender\bitdefender 2009\seccenter.exe
c:\program files\bitdefender\bitdefender 2009\vsserv.exe (BitDefender S. R. L.)
* c:\windows\system32\notepad.exe (Microsoft Corporation)
c:\program files\canal\canal widget\canal widget.exe
c:\program files\canal\canal widget\vod\canalplus.vod.exe (Canal+ Active)
* c:\program files\hp\quickplay\kernel\tv\qpcapsvc.exe
* c:\program files\hp\quickplay\kernel\tv\qpsched.exe
* c:\program files\hewlett-packard\hp quick launch buttons\com4qlbex.exe (Hewlett-Packard Development Company, L.P.)
* c:\program files\daemon tools lite\daemon.exe (DT Soft Ltd)
* c:\windows\explorer.exe (Microsoft Corporation)
* c:\program files\mozilla firefox\firefox.exe (Mozilla Corporation)
* c:\windows\system32\dwm.exe (Microsoft Corporation)
c:\program files\trend micro\hijackthis\hijackthis.exe (Trend Micro Inc.)
c:\program files\hewlett-packard\hp health check\hphc_service.exe (Hewlett-Packard)
* c:\program files\hp\quickplay\qpservice.exe (CyberLink Corp.)
* c:\program files\hewlett-packard\hp quicktouch\hpkbdapp.exe ( Hewlett-Packard Development Company, L.P.)
* c:\program files\hewlett-packard\shared\hpqtoaster.exe
* c:\program files\hewlett-packard\shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
* c:\windows\system32\hpservice.exe (Hewlett-Packard Corporation)
* c:\program files\hewlett-packard\hp wireless assistant\hpwamain.exe (Hewlett-Packard Development Company, L.P.)
* c:\program files\hp\hp software update\hpwuschd2.exe (Hewlett-Packard)
* c:\program files\idt\wdm\sttray.exe (IDT, Inc.)
* c:\windows\system32\driverstore\filerepository\stwrt.inf_a7e996cd\stacsv.exe (IDT, Inc.)
* c:\windows\system32\searchindexer.exe (Microsoft Corporation)
* C:\Windows\system32\audiodg.exe (Microsoft Corporation)
* c:\program files\java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
c:\program files\common files\lightscribe\lssrvc.exe (Hewlett-Packard Company)
c:\program files\common files\lightscribe\lightscribecontrolpanel.exe (Hewlett-Packard Company)
* c:\windows\ehome\ehmsas.exe (Microsoft Corporation)
* c:\windows\ehome\ehtray.exe (Microsoft Corporation)
* c:\windows\system32\searchfilterhost.exe (Microsoft Corporation)
* c:\windows\system32\searchprotocolhost.exe (Microsoft Corporation)
* c:\program files\hewlett-packard\hp wireless assistant\wifimsg.exe (Hewlett-Packard Development Company, L.P.)
* c:\windows\system32\taskeng.exe (Microsoft Corporation)
* c:\windows\system32\taskeng.exe (Microsoft Corporation)
* c:\program files\nero\nero8\nero backitup\nbservice.exe (Nero AG)
* c:\program files\common files\nero\lib\nmindexstoresvr.exe (Nero AG)
* c:\program files\common files\nero\lib\nmindexingservice.exe (Nero AG)
* c:\windows\system32\nvvsvc.exe (NVIDIA Corporation)
c:\windows\system32\ioctlsvc.exe (Prolific Technology Inc.)
* c:\windows\system32\lsass.exe (Microsoft Corporation)
* c:\windows\system32\csrss.exe (Microsoft Corporation)
* c:\windows\system32\csrss.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\rundll32.exe (Microsoft Corporation)
* c:\windows\system32\rundll32.exe (Microsoft Corporation)
* c:\program files\hewlett-packard\hp quick launch buttons\qlbctrl.exe ( Hewlett-Packard Development Company, L.P.)
* c:\program files\common files\real\update_ob\realsched.exe (RealNetworks, Inc.)
* c:\users\vincent et ansofi\downloads\runscanner1-6.exe (Runscanner.net)
* c:\windows\system32\slsvc.exe (Microsoft Corporation)
* c:\windows\system32\lsm.exe (Microsoft Corporation)
* c:\program files\synaptics\syntp\syntphelper.exe (Synaptics, Inc.)
* c:\program files\synaptics\syntp\syntpenh.exe (Synaptics, Inc.)
* c:\program files\windows sidebar\sidebar.exe (Microsoft Corporation)
* c:\program files\windows live\messenger\msnmsgr.exe (Microsoft Corporation)
* c:\windows\system32\smss.exe (Microsoft Corporation)
* c:\windows\system32\wuauclt.exe (Microsoft Corporation)
* c:\windows\system32\wbem\wmiprvse.exe (Microsoft Corporation)

002 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (+subkeys)
-----------------------------------------------------------------
c:\program files\bitdefender\bitdefender 2009\bdagent.exe (BitDefender S.R.L.)
c:\program files\bitdefender\bitdefender 2009\ieshow.exe (BitDefender)
* c:\program files\canal\canal widget\launcher.exe (Canal+)
* c:\program files\hewlett-packard\hp health check\hphc_scheduler.exe (Hewlett-Packard)
* c:\program files\hp\hp software update\hpwuschd2.exe (Hewlett-Packard)
* c:\program files\nero\nero8\nero backitup\nbkeyscan.exe (Nero AG)
* c:\program files\hp\quickplay\qpservice.exe (CyberLink Corp.)
* c:\program files\synaptics\syntp\syntpenh.exe (Synaptics, Inc.)
* c:\program files\common files\real\update_ob\realsched.exe (RealNetworks, Inc.)
* c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe (CyberLink Corp.)

003 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (+subkeys)
-----------------------------------------------------------------
* c:\program files\daemon tools lite\daemon.exe (DT Soft Ltd)
* c:\program files\common files\nero\lib\nmindexstoresvr.exe (Nero AG)
c:\program files\common files\lightscribe\lightscribecontrolpanel.exe (Hewlett-Packard Company)

010 HKLM\SYSTEM\CurrentControlSet\Services (Services)
-----------------------------------------------------
c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe (BitDefender Arrakis Server)
c:\program files\common files\bitdefender\bitdefender update service\livesrv.exe (BitDefender Desktop Update Service)
c:\program files\bitdefender\bitdefender 2009\vsserv.exe (BitDefender Virus Shield)
c:\program files\canal\canal widget\vod\canalplus.vod.exe (CanalPlus.VOD)
- c:\program files\cyberlink\shared files\richvideo.exe (Cyberlink RichVideo Service(CRVS))
c:\program files\hewlett-packard\hp health check\hphc_service.exe (HP Health Check Service)
c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe (InstallDriver Table Manager)
c:\program files\common files\lightscribe\lssrvc.exe (LightScribeService Direct Disc Labeling Service)
* c:\program files\nero\nero8\nero backitup\nbservice.exe (Nero BackItUp Scheduler 3)
* c:\program files\common files\nero\lib\nmindexingservice.exe (NMIndexingService)
c:\windows\system32\ioctlsvc.exe (PLFlash DeviceIoControl Service)
* c:\program files\hp\quickplay\kernel\tv\qpcapsvc.exe (QuickPlay Background Capture Service (QBCS))
* c:\program files\hp\quickplay\kernel\tv\qpsched.exe (QuickPlay Task Scheduler (QTS))
* c:\windows\sminst\blservice.exe (Recovery Service for Windows)
c:\program files\windows live\installer\wlsetupsvc.exe (Windows Live Setup Service)

011 HKLM\SYSTEM\CurrentControlSet\Services (drivers)
----------------------------------------------------
* C:\Windows\system32\drivers\bdfm.sys (BDFM)
C:\Windows\system32\drivers\bdfsfltr.sys (bdfsfltr)
c:\program files\common files\bitdefender\bitdefender firewall\bdftdif.sys (bdftdif)
c:\program files\bitdefender\bitdefender 2009\bdselfpr.sys (BDSelfPr)
* c:\program files\bitdefender\bitdefender 2009\bdvedisk.sys (BDVEDISK)
C:\Windows\system32\drivers\bdfndisf.sys (BitDefender Firewall NDIS Filter Service)
- c:\combofix\catchme.sys (catchme)
- c:\users\vincen~1\appdata\local\temp\cportclm.sys (cportclm)
- c:\windows\system32\drivers\ipinip.sys (IP in IP Tunnel Driver)
- c:\windows\system32\drivers\nwlnkflt.sys (IPX Traffic Filter Driver)
- c:\windows\system32\drivers\nwlnkfwd.sys (IPX Traffic Forwarder Driver)
C:\Windows\system32\drivers\jmcr.sys (JMCR)
c:\program files\common files\bitdefender\bitdefender threat scanner\profos.sys (Profos)
C:\Windows\system32\drivers\sptd.sys (sptd)
* C:\Windows\system32\drivers\syntp.sys (Synaptics TouchPad Driver)
c:\program files\common files\bitdefender\bitdefender threat scanner\trufos.sys (Trufos)

032 HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
-----------------------------------------------------------------------------------
- rdpclip

041 HKLM-HKCU\Software\Microsoft\Internet Explorer\Toolbar
----------------------------------------------------------
c:\program files\bitdefender\bitdefender 2009\ietoolbar.dll (Bitdefender) {381FFDE8-2394-4f90-B10D-FC6124A40F8C}

042 HKLM\Software\Microsoft\Internet Explorer\Extensions
--------------------------------------------------------
GUID / CLSID not found {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
GUID / CLSID not found {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}
GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
GUID / CLSID not found {92780B25-18CC-41C8-B9BE-3C9C571A8263}

047 Trusted zones
-----------------
Zone: canal-plus.com : *.canal-plus.com

052 HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
----------------------------------------------------------------------------------
GUID / CLSID not found {7E853D72-626A-48EC-A868-BA8D5E23E045}
* c:\program files\real\realplayer\rpbrowserrecordplugin.dll (RealPlayer) {3049C3E9-B461-4BC5-8870-4C09146192CA}

061 HKLM-HCKU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
---------------------------------------------------------------------------------
c:\progra~1\izarc\izarccm.dll {CA5FEE26-14C1-4B5A-86E9-233FC0EE2682}
c:\progra~1\izarc\izarccm.dll {8D9D4D0D-FDDD-44CB-AAB2-6161FA0757C5}
* c:\program files\nero\nero8\nero coverdesigner\coveredextension.dll (Nero AG) {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2}
* c:\program files\common files\nero\lib\nerodigitalext.dll (Nero AG) {B327765E-D724-4347-8B16-78AE18552FC3}
* c:\program files\common files\nero\lib\nerodigitalext.dll (Nero AG) {7F1CF152-04F8-453A-B34C-E609530A9DC8}
* c:\program files\real\realplayer\rpshell.dll (RealNetworks, Inc.) {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}
c:\windows\system32\shellvrtf.dll (XSS) {7F67036B-66F1-411A-AD85-759FB9C5B0DB}

062 HKLM-HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
------------------------------------------------------------
c:\program files\bitdefender\bitdefender 2009\bdfvsctx.dll (BitDefender S.R.L.) {9E96C1F5-0EFA-4348-9460-15D6802C70AA}
* c:\program files\common files\nero\lib\nerodigitalext.dll (Nero AG) {7D4D6379-F301-4311-BEBA-E26EB0561882}
c:\program files\common files\adobe\acrobat\activex\pdfshell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}

100 Internet Explorer settings
------------------------------
Start Page HKCU : http://www.orange.fr/
Start Page HKLM : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb

105 HKCU\Software\Microsoft\Internet Explorer\MenuExt
-----------------------------------------------------
E&xporter vers Microsoft Excel : res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

170 HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
------------------------------------------------------------------------
{0c2917bb-7aa9-11dd-aa7a-806e6f6e6963} : E:\ANNOfinder.exe

173 HKCR\*\shellex\ContextMenuHandlers
--------------------------------------
GUID / CLSID not found
* c:\program files\nero\nero8\nero coverdesigner\coveredextension.dll (Nero AG) {73FCA462-9BD5-4065-A73F-A8E5F6904EF7}
c:\progra~1\izarc\izarccm.dll {8D9D4D0D-FDDD-44CB-AAB2-6161FA0757C5}
c:\program files\bitdefender\bitdefender 2009\bdshelxt.dll (BitDefender S.R.L)
c:\program files\bitdefender\bitdefender 2009\fshredctx.dll (BitDefender S.R.L.)
c:\program files\bitdefender\bitdefender 2009\bdfvsctx.dll (BitDefender S.R.L.)
* c:\program files\nero\nero8\nero backitup\nbshell.dll (Nero AG)