Un virus le retour
bb
-
Utilisateur anonyme -
Utilisateur anonyme -
Logfile of random's system information tool 1.08 (written by random/random)
Run by lina at 2010-09-27 18:50:52
Microsoft® Windows Vista(TM) Home Premium Service Pack 2
System drive C: has 7 GB (12%) free of 53 GB
Total RAM: 1021 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:50:54, on 27/09/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\lina\Desktop\RSIT.exe
C:\Program Files\trend micro\lina.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1269415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Download Energy Toolbar - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\tbDown.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Download Energy Toolbar - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\tbDown.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll
O3 - Toolbar: Download Energy Toolbar - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\tbDown.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.3.118\kwtbaim.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [gexphabs] "c:\users\lina\appdata\local\gexphabs.exe" gexphabs
O4 - HKCU\..\RunOnce: [05647508] "C:\Users\lina\AppData\Local\05647508.exe" 8 38
O4 - HKCU\..\RunOnce: [9326414] "C:\Users\lina\AppData\Local\9326414.exe" 8 47
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: RocketDock.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PHOTOfunSTUDIO 5.0.lnk = C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12276 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{8C1AB4AD-D37D-401E-896B-1414D3279B4C}.job
C:\Windows\tasks\Verifica aggiornamenti per Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}]
SWEETIE Class - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll [2006-11-05 548992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
Kiwee Toolbar - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll [2008-02-18 248976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Guida per l'accesso a Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-02-14 2423872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ad708c09-d51b-45b3-9d28-4eba2681febf}]
Download Energy Toolbar - C:\Program Files\Download_Energy\tbDown.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-17 1233288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-01-02 151552]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - SweetIM For Internet Explorer - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll [2006-11-05 548992]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-02-14 2423872]
{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll [2008-02-18 248976]
{ad708c09-d51b-45b3-9d28-4eba2681febf} - Download Energy Toolbar - C:\Program Files\Download_Energy\tbDown.dll [2009-12-31 2349080]
{D4027C7F-154A-4066-A1AD-4243D8127440} - LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-17 1233288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-01-02 464168]
"Acer Tour"= []
"SetPanel"= []
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-12-08 614400]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe [2006-10-31 304664]
"LVCOMSX"=C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe [2006-11-28 244512]
"AcerOrbicamRibbon"=C:\Program Files\Acer\OrbiCam10\OrbiCam.exe [2006-11-28 754712]
"eRecoveryService"= []
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-01-14 151552]
"KiweeHook"=C:\Program Files\Kiwee Toolbar2\1.3.118\kwtbaim.exe [2008-02-18 48264]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-20 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-20 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-20 81920]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2009-11-30 2654512]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-07-13 47904]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"????r"= []
"?????????"=??????????????e []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Acer Tour Reminder"= []
"msnmsgr"=~C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []
"SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2007-10-14 103712]
"CollaborationHost"=C:\Windows\system32\p2phost.exe [2008-01-19 192000]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"gexphabs"=c:\users\lina\appdata\local\gexphabs.exe [2010-09-24 589824]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"05647508"=C:\Users\lina\AppData\Local\05647508.exe [2010-09-26 941056]
"9326414"=C:\Users\lina\AppData\Local\9326414.exe [2010-09-26 941056]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
PHOTOfunSTUDIO 5.0.lnk - C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
C:\Users\lina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
RocketDock.lnk - C:\Windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
UberIcon.lnk - C:\Windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Y'z Shadow.lnk - C:\Windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SetVisualStyle"=C:\Windows\Resources\Themes\Inspirat2\Inspirat2.msstyles
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-27 18:47:23 ----D---- C:\rsit
2010-09-27 18:47:23 ----D---- C:\Program Files\trend micro
2010-09-27 12:04:57 ----A---- C:\Windows\ntbtlog.txt
2010-09-19 22:59:44 ----D---- C:\Users\lina\AppData\Roaming\Mozilla
2010-09-19 22:58:40 ----D---- C:\Program Files\Ask.com
2010-09-19 22:57:30 ----D---- C:\Program Files\LimeWire
2010-09-19 22:06:57 ----A---- C:\Windows\system32\usp10.dll
2010-09-19 22:06:50 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-19 22:06:35 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-19 21:53:32 ----A---- C:\Windows\system32\inetcomm.dll
======List of files/folders modified in the last 1 months======
2010-09-28 04:29:56 ----D---- C:\Windows\system32\config
2010-09-28 04:29:50 ----D---- C:\Windows\Tasks
2010-09-28 04:29:50 ----D---- C:\Windows\system32\spool
2010-09-28 04:29:50 ----D---- C:\Windows\system32\Msdtc
2010-09-28 04:29:50 ----D---- C:\Windows\system32\drivers\etc
2010-09-28 04:29:50 ----D---- C:\Windows\system32\catroot2
2010-09-28 04:29:50 ----D---- C:\Windows\System32
2010-09-28 04:29:50 ----D---- C:\Windows\inf
2010-09-28 04:29:50 ----D---- C:\Windows
2010-09-28 04:29:49 ----D---- C:\Windows\system32\wbem
2010-09-28 04:29:49 ----D---- C:\Windows\registration
2010-09-28 04:28:42 ----SHD---- C:\System Volume Information
2010-09-27 18:47:23 ----RD---- C:\Program Files
2010-09-27 18:41:40 ----D---- C:\Windows\Temp
2010-09-27 18:34:19 ----D---- C:\Users\lina\AppData\Roaming\LimeWire
2010-09-27 18:25:45 ----D---- C:\Windows\tracing
2010-09-27 17:57:51 ----D---- C:\Program Files\eMule
2010-09-27 12:22:01 ----D---- C:\Windows\Logs
2010-09-27 12:21:06 ----SHD---- C:\Windows\Installer
2010-09-27 12:16:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-26 22:26:01 ----D---- C:\Windows\Prefetch
2010-09-25 23:58:28 ----D---- C:\Windows\winsxs
2010-09-25 23:28:07 ----D---- C:\Windows\system32\catroot
2010-09-25 23:25:39 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-25 23:24:20 ----D---- C:\Program Files\Windows Mail
2010-09-25 23:04:27 ----A---- C:\Windows\system32\mrt.exe
2010-09-22 20:01:37 ----D---- C:\Users\lina\AppData\Roaming\dvdcss
2010-09-21 10:33:06 ----SD---- C:\Windows\Downloaded Program Files
2010-09-19 22:58:48 ----D---- C:\Windows\system32\Tasks
2010-09-03 21:37:27 ----D---- C:\Users\lina\AppData\Roaming\Apple Computer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-01-02 20264]
R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-01-02 16680]
R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-01-02 60712]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-30 23248]
R3 bcm4sbxp;Driver di Windows XP per Broadcom 440x 10/100 Integrated Controller; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-10-25 62208]
R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2006-10-25 42240]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-10-25 76928]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 NETw3v32;Driver per scheda di rete Intel(R) PRO/Wireless 3945ABG per Windows Vista a 32 bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-02-01 6144]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2009-11-30 149840]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-30 46544]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2009-11-30 19024]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2009-11-30 51792]
S2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
S2 irda;Protocollo IrDA; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 95744]
S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
S2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]
S3 BthEnum;Servizio enumeratore Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Dispositivo Bluetooth (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Driver della porta Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Driver USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Periferica audio Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2006-11-06 78128]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2006-11-06 80176]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-06 16560]
S3 drmkaud;Decodificatore audio DRM del kernel Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2008-12-06 10976]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2008-12-06 22368]
S3 HdAudAddService;Driver di funzioni Microsoft 1.1 UAA per servizio High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
S3 lv321av;Logitech USB PC Camera (VC0321); C:\Windows\system32\DRIVERS\lv321av.sys [2006-11-28 847392]
S3 MSKSSRV;Proxy di servizio di flusso Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy clock di flusso Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy di gestione qualità di flusso Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-20 4448160]
S3 RFCOMM;Dispositivo Bluetooth (RFCOMM protocollo TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\Windows\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\Windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\Windows\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
S3 SMSCIRDA;SMSC Infrared Device Driver; C:\Windows\system32\DRIVERS\SMSCirda.sys [2006-10-18 31232]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbscan;Driver scanner USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys []
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2009-11-30 40384]
S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
S2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-01-02 457512]
S2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-12-22 24576]
S2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 126976]
S2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-28 49152]
S2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-01-02 24576]
S2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
S2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
S2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 135168]
S2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2009-11-30 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2009-11-30 40384]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-14 138168]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
-----------------EOF-----------------
Run by lina at 2010-09-27 18:50:52
Microsoft® Windows Vista(TM) Home Premium Service Pack 2
System drive C: has 7 GB (12%) free of 53 GB
Total RAM: 1021 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:50:54, on 27/09/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\lina\Desktop\RSIT.exe
C:\Program Files\trend micro\lina.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1269415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Download Energy Toolbar - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\tbDown.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Download Energy Toolbar - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\tbDown.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll
O3 - Toolbar: Download Energy Toolbar - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\tbDown.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.3.118\kwtbaim.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [gexphabs] "c:\users\lina\appdata\local\gexphabs.exe" gexphabs
O4 - HKCU\..\RunOnce: [05647508] "C:\Users\lina\AppData\Local\05647508.exe" 8 38
O4 - HKCU\..\RunOnce: [9326414] "C:\Users\lina\AppData\Local\9326414.exe" 8 47
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: RocketDock.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PHOTOfunSTUDIO 5.0.lnk = C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12276 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{8C1AB4AD-D37D-401E-896B-1414D3279B4C}.job
C:\Windows\tasks\Verifica aggiornamenti per Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}]
SWEETIE Class - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll [2006-11-05 548992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
Kiwee Toolbar - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll [2008-02-18 248976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Guida per l'accesso a Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-02-14 2423872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ad708c09-d51b-45b3-9d28-4eba2681febf}]
Download Energy Toolbar - C:\Program Files\Download_Energy\tbDown.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-17 1233288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-01-02 151552]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - SweetIM For Internet Explorer - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll [2006-11-05 548992]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-02-14 2423872]
{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files\Kiwee Toolbar2\1.3.118\KiweeIEToolbar.dll [2008-02-18 248976]
{ad708c09-d51b-45b3-9d28-4eba2681febf} - Download Energy Toolbar - C:\Program Files\Download_Energy\tbDown.dll [2009-12-31 2349080]
{D4027C7F-154A-4066-A1AD-4243D8127440} - LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-17 1233288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-01-02 464168]
"Acer Tour"= []
"SetPanel"= []
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-12-08 614400]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe [2006-10-31 304664]
"LVCOMSX"=C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe [2006-11-28 244512]
"AcerOrbicamRibbon"=C:\Program Files\Acer\OrbiCam10\OrbiCam.exe [2006-11-28 754712]
"eRecoveryService"= []
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-01-14 151552]
"KiweeHook"=C:\Program Files\Kiwee Toolbar2\1.3.118\kwtbaim.exe [2008-02-18 48264]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-20 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-20 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-20 81920]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2009-11-30 2654512]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-07-13 47904]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"????r"= []
"?????????"=??????????????e []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Acer Tour Reminder"= []
"msnmsgr"=~C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []
"SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2007-10-14 103712]
"CollaborationHost"=C:\Windows\system32\p2phost.exe [2008-01-19 192000]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"gexphabs"=c:\users\lina\appdata\local\gexphabs.exe [2010-09-24 589824]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"05647508"=C:\Users\lina\AppData\Local\05647508.exe [2010-09-26 941056]
"9326414"=C:\Users\lina\AppData\Local\9326414.exe [2010-09-26 941056]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
PHOTOfunSTUDIO 5.0.lnk - C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
C:\Users\lina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
RocketDock.lnk - C:\Windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
UberIcon.lnk - C:\Windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Y'z Shadow.lnk - C:\Windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SetVisualStyle"=C:\Windows\Resources\Themes\Inspirat2\Inspirat2.msstyles
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-27 18:47:23 ----D---- C:\rsit
2010-09-27 18:47:23 ----D---- C:\Program Files\trend micro
2010-09-27 12:04:57 ----A---- C:\Windows\ntbtlog.txt
2010-09-19 22:59:44 ----D---- C:\Users\lina\AppData\Roaming\Mozilla
2010-09-19 22:58:40 ----D---- C:\Program Files\Ask.com
2010-09-19 22:57:30 ----D---- C:\Program Files\LimeWire
2010-09-19 22:06:57 ----A---- C:\Windows\system32\usp10.dll
2010-09-19 22:06:50 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-19 22:06:35 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-19 21:53:32 ----A---- C:\Windows\system32\inetcomm.dll
======List of files/folders modified in the last 1 months======
2010-09-28 04:29:56 ----D---- C:\Windows\system32\config
2010-09-28 04:29:50 ----D---- C:\Windows\Tasks
2010-09-28 04:29:50 ----D---- C:\Windows\system32\spool
2010-09-28 04:29:50 ----D---- C:\Windows\system32\Msdtc
2010-09-28 04:29:50 ----D---- C:\Windows\system32\drivers\etc
2010-09-28 04:29:50 ----D---- C:\Windows\system32\catroot2
2010-09-28 04:29:50 ----D---- C:\Windows\System32
2010-09-28 04:29:50 ----D---- C:\Windows\inf
2010-09-28 04:29:50 ----D---- C:\Windows
2010-09-28 04:29:49 ----D---- C:\Windows\system32\wbem
2010-09-28 04:29:49 ----D---- C:\Windows\registration
2010-09-28 04:28:42 ----SHD---- C:\System Volume Information
2010-09-27 18:47:23 ----RD---- C:\Program Files
2010-09-27 18:41:40 ----D---- C:\Windows\Temp
2010-09-27 18:34:19 ----D---- C:\Users\lina\AppData\Roaming\LimeWire
2010-09-27 18:25:45 ----D---- C:\Windows\tracing
2010-09-27 17:57:51 ----D---- C:\Program Files\eMule
2010-09-27 12:22:01 ----D---- C:\Windows\Logs
2010-09-27 12:21:06 ----SHD---- C:\Windows\Installer
2010-09-27 12:16:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-26 22:26:01 ----D---- C:\Windows\Prefetch
2010-09-25 23:58:28 ----D---- C:\Windows\winsxs
2010-09-25 23:28:07 ----D---- C:\Windows\system32\catroot
2010-09-25 23:25:39 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-25 23:24:20 ----D---- C:\Program Files\Windows Mail
2010-09-25 23:04:27 ----A---- C:\Windows\system32\mrt.exe
2010-09-22 20:01:37 ----D---- C:\Users\lina\AppData\Roaming\dvdcss
2010-09-21 10:33:06 ----SD---- C:\Windows\Downloaded Program Files
2010-09-19 22:58:48 ----D---- C:\Windows\system32\Tasks
2010-09-03 21:37:27 ----D---- C:\Users\lina\AppData\Roaming\Apple Computer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-01-02 20264]
R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-01-02 16680]
R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-01-02 60712]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-30 23248]
R3 bcm4sbxp;Driver di Windows XP per Broadcom 440x 10/100 Integrated Controller; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-10-25 62208]
R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2006-10-25 42240]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-10-25 76928]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 NETw3v32;Driver per scheda di rete Intel(R) PRO/Wireless 3945ABG per Windows Vista a 32 bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-02-01 6144]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2009-11-30 149840]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-30 46544]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2009-11-30 19024]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2009-11-30 51792]
S2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
S2 irda;Protocollo IrDA; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 95744]
S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
S2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]
S3 BthEnum;Servizio enumeratore Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Dispositivo Bluetooth (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Driver della porta Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Driver USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Periferica audio Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2006-11-06 78128]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2006-11-06 80176]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-06 16560]
S3 drmkaud;Decodificatore audio DRM del kernel Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2008-12-06 10976]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2008-12-06 22368]
S3 HdAudAddService;Driver di funzioni Microsoft 1.1 UAA per servizio High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
S3 lv321av;Logitech USB PC Camera (VC0321); C:\Windows\system32\DRIVERS\lv321av.sys [2006-11-28 847392]
S3 MSKSSRV;Proxy di servizio di flusso Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy clock di flusso Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy di gestione qualità di flusso Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-20 4448160]
S3 RFCOMM;Dispositivo Bluetooth (RFCOMM protocollo TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\Windows\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\Windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\Windows\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
S3 SMSCIRDA;SMSC Infrared Device Driver; C:\Windows\system32\DRIVERS\SMSCirda.sys [2006-10-18 31232]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbscan;Driver scanner USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys []
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2009-11-30 40384]
S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
S2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-01-02 457512]
S2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-12-22 24576]
S2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 126976]
S2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-28 49152]
S2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-01-02 24576]
S2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
S2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
S2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 135168]
S2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2009-11-30 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2009-11-30 40384]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-14 138168]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
-----------------EOF-----------------
A voir également:
- Un virus le retour
- Ygg le retour - Guide
- Virus mcafee - Accueil - Piratage
- Retour à la ligne chatgpt - Forum PHP
- Aller à la ligne lors de la rédaction d'un message ✓ - Forum MacOS
- Comment faire retour sur mac - Forum MacOS
1 réponse
Salut
* Bienvenue sur CCM !
* N'ouvre pas d'autres sujets pour le même problème >> sur ce forum ou sur un autre
* Ensemble nous allons essayer de régler ton problème .
1) * Télécharge de AD-Remover sur ton Bureau. (Merci à C_XX)
* Ad-Remover permet d'éliminer proprement les publiciels vérolés, « adware » en anglais.
* Affichant de la publicité en échange d'un service gratuit,
* certains d'entre eux contiennent des logiciels espions violant votre vie privée numérique tout en modifiant le comportement de ton système.
ICI >>AD-Remover
/!\ Déconnecte-toi d'internet et ferme toutes applications en cours /!\
* Double-clique sur l'icône Ad-remover située sur ton Bureau.
* Sur la page, clique sur le bouton « Nettoyer »
* Confirme l'opération
* Poste le rapport qui apparaît à la fin.
* (Le rapport est sauvegardé aussi sous C:\Ad-report.)
* (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
2)) * Désactive ton Antivirus
*Regarde >> Désactiver les protections résidentes
Désactiver les protections résidentes
* Télécharge Navilog1
*Navilog1 est un logiciel permettant de désinfecter les machines affectées par :
- EGDAccess- Navipromo- Instant Access- Magic.control
ICI >> Navilog1
* Déconnectes toi et fermes toutes applications en cours
* Windows7/Vista ==>un clic droit dessus et dans le menu contextuel choisssez "Exécuter en tant qu'administrateur".
* Double clique sur Navilog1.exe pour lancer l' installation.
* Une fois l' installation terminée, le fix s' exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
* Laisse-toi guider et au menu principal,
* choisis >> Mode 1(recherche/Désinfection) =>et valide.
* Patiente jusqu' au message : " Analyse terminée le ..."
* Appuie sur une touche comme demandé, le Bloc-notes va s' ouvrir.
* Copie-colle l' intégralité du rapport ici et referme le Bloc-notes.
(Le rapport est en outre sauvegardé à la racine du disque : fixnavi.txt)
* N oublies de réactiver ton Antivirus
3)* Télécharge ZHPDiag (de Nicolas coolman)
* ZHPDiag est un outil de diagnostic (Réalisé par Nicolas Coolman) .
Le logiciel permet d'effectuer un diagnostic rapide et complet de son système d'exploitation plus complet qu un rapport d'HijackThis
Il scrute ta Base de Registre et énumère les zones sensibles qui sont susceptibles d'être infectées.
ICI >> ZHPDiag (de Nicolas coolman)
* Une fois le téléchargement achevé,
* double clique sur ZHPDiag.exe et suis les instructions.
* /!\Utilisateurs de Windows Vista et Windows 7
* >> Clique droit sur le logo de ZHPDiag.exe, « exécuter en tant qu'Administrateur »
* Laisse toi guider lors de l'installation,
* coche >> créer une icône sur le bureau
* il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport
Membre Contributeur sécurité CCM
Windows Vista // Windows XP
* Bienvenue sur CCM !
* N'ouvre pas d'autres sujets pour le même problème >> sur ce forum ou sur un autre
* Ensemble nous allons essayer de régler ton problème .
1) * Télécharge de AD-Remover sur ton Bureau. (Merci à C_XX)
* Ad-Remover permet d'éliminer proprement les publiciels vérolés, « adware » en anglais.
* Affichant de la publicité en échange d'un service gratuit,
* certains d'entre eux contiennent des logiciels espions violant votre vie privée numérique tout en modifiant le comportement de ton système.
ICI >>AD-Remover
/!\ Déconnecte-toi d'internet et ferme toutes applications en cours /!\
* Double-clique sur l'icône Ad-remover située sur ton Bureau.
* Sur la page, clique sur le bouton « Nettoyer »
* Confirme l'opération
* Poste le rapport qui apparaît à la fin.
* (Le rapport est sauvegardé aussi sous C:\Ad-report.)
* (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
2)) * Désactive ton Antivirus
*Regarde >> Désactiver les protections résidentes
Désactiver les protections résidentes
* Télécharge Navilog1
*Navilog1 est un logiciel permettant de désinfecter les machines affectées par :
- EGDAccess- Navipromo- Instant Access- Magic.control
ICI >> Navilog1
* Déconnectes toi et fermes toutes applications en cours
* Windows7/Vista ==>un clic droit dessus et dans le menu contextuel choisssez "Exécuter en tant qu'administrateur".
* Double clique sur Navilog1.exe pour lancer l' installation.
* Une fois l' installation terminée, le fix s' exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
* Laisse-toi guider et au menu principal,
* choisis >> Mode 1(recherche/Désinfection) =>et valide.
* Patiente jusqu' au message : " Analyse terminée le ..."
* Appuie sur une touche comme demandé, le Bloc-notes va s' ouvrir.
* Copie-colle l' intégralité du rapport ici et referme le Bloc-notes.
(Le rapport est en outre sauvegardé à la racine du disque : fixnavi.txt)
* N oublies de réactiver ton Antivirus
3)* Télécharge ZHPDiag (de Nicolas coolman)
* ZHPDiag est un outil de diagnostic (Réalisé par Nicolas Coolman) .
Le logiciel permet d'effectuer un diagnostic rapide et complet de son système d'exploitation plus complet qu un rapport d'HijackThis
Il scrute ta Base de Registre et énumère les zones sensibles qui sont susceptibles d'être infectées.
ICI >> ZHPDiag (de Nicolas coolman)
* Une fois le téléchargement achevé,
* double clique sur ZHPDiag.exe et suis les instructions.
* /!\Utilisateurs de Windows Vista et Windows 7
* >> Clique droit sur le logo de ZHPDiag.exe, « exécuter en tant qu'Administrateur »
* Laisse toi guider lors de l'installation,
* coche >> créer une icône sur le bureau
* il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport
Membre Contributeur sécurité CCM
Windows Vista // Windows XP
