INFECTION HELP

TCALI -  
 Anonymous user -
Hello,
for a few days now I have been unable to open INTERNET EXPLORER.
MY ANTIVIRUS AVAST DETECTED MALICIOUS SOFTWARE, SO HERE IS THE NAME:
DROPPER.
C:\WINDOWS\system32\SystemX86\DB.tmp\187.music2.au

THANK YOU FOR HELPING ME

11 replies

Anonymous user
 
Hello
• Download HijackThis, a diagnostic tool:
hijackthis
• Before launching HijackThis, rename it!
• To do so, follow the path below to the file in bold:
C:\Program files\Trend Micro\HijackThis\HijackThis.exe
• Right-click it and choose "Rename": type moulin.exe and confirm.
Then right-click "moulin.exe" and choose Send to -> Desktop (create shortcut).
• Go back to the desktop and click the new icon to launch it.
• Accept the license by clicking the "I Accept" button
• Choose the option "Do a system scan and save a log file"
• Click "Save log" to save the report, which will open in Notepad
• Click "Edit -> Select All", then "Edit -> Copy" to copy the entire contents of the report
• Paste the report you just copied on this forum
• Do not fix ANY line yet; doing so could prevent your PC from working properly
• Tutorial: tuto
Tcali Posts: 112 Status: Member
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:01:46, on 22/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmi\D-Link\AirPlus G\AirGCFG.exe
C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Windows Live\Family Safety\fsui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\BitComet\BitComet.exe
C:\Programmi\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Programmi\LowRateVoip\LowRateVoip.exe
C:\Programmi\InternetCalls.com\InternetCalls\InternetCalls.exe
C:\Programmi\Ares Ultra\Ares Ultra.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\Programmi\Windows Live\Family Safety\fsssvc.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Shiretoko\firefox.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Trend Micro\HijackThis\moulin.exe.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ww12.cherche.us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fornito da Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn2\yt.dll
R3 - URLSearchHook: Dynamick Toolbar - {125789a1-6861-408e-a342-288a735c5e22} - C:\Programmi\Dynamick\tbDyna.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Dynamick Toolbar - {125789a1-6861-408e-a342-288a735c5e22} - C:\Programmi\Dynamick\tbDyna.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programmi\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmi\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programmi\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Dynamick Toolbar - {125789a1-6861-408e-a342-288a735c5e22} - C:\Programmi\Dynamick\tbDyna.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programmi\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [HPHUPD08] c:\Programmi\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Programmi\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [fssui] "C:\Programmi\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [BitComet] "C:\Programmi\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [VoipZoom] "C:\Programmi\VoipZoom.com\VoipZoom\VoipZoom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [LowRateVoip] "C:\Programmi\LowRateVoip\LowRateVoip.exe" -nosplash -minimized
O4 - HKCU\..\Run: [ActionVoip] "C:\Programmi\ActionVoip.com\ActionVoip\ActionVoip.exe" -nosplash -minimized
O4 - HKCU\..\Run: [InternetCalls] "C:\Programmi\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
O4 - HKCU\..\Run: [ares ultra] "C:\Programmi\Ares Ultra\Ares Ultra.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O8 - Extra context menu item: Scarica tutti i video usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Scarica tutto usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Scarica usando &BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programmi\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {BC4B2F36-CC7E-4995-ADF6-EAB4F4C4BA14} (IaxClientOcx Control) - http://fr.smscity.com/Activex/smscity.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/sj/en/check/xp/qdiagh.cab?326
O20 - Winlogon Notify: f0ebb2cf620 - C:\WINDOWS\System32\dnsrslvr32.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: Servizio di Google Update (gupdate1c9b099f1a21b2c) (gupdate1c9b099f1a21b2c) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
Anonymous user
 
UP
Anonymous user
 
• Download: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
• !! Disconnect and close all your running applications for the duration of the procedure !!
• Double-click the .exe to start the installation and follow the prompts
• Once done, click the shortcut created on your desktop to launch the tool.
• Choose option 1 ("recherche", i.e. search) and press "Enter".
• Once the scan is finished, a report will appear; copy and paste its entire contents into your next reply ...
• (the report is also saved here -> C:\TB.txt)
• Tutorial: [ https://sites.google.com/site/toolbarsd/aideenimages toolbarSD]

Tcali Posts: 112 Status: Member
 
the report
thanks

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 01/18/2007 Ver: 08.00.12
USER : HP_Proprietario ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090625-0] 4.8.1335 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:39 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (USB) - FAT32 - Total:1933 Mo (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 26/06/2009|18.47 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Programmi\GamesBar
C:\Programmi\GamesBar\Localization2-Italian.ini

-----------\\ Extensions

(HP_Proprietario) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(HP_Proprietario) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript
(HP_Proprietario) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(HP_Proprietario) - {d832c3e4-1a62-48ea-9a1f-5091a1ec3bc5} => cookiebutton
(HP_Proprietario) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/"
"Start Page"="https://fr.yahoo.com/"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Start Page Redirect Cache"="https://www.msn.com/it-it"
"Search bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
"Search bar"="http://www.bing.com/spresults.aspx"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\HP_PRO~1\Dati applicazioni\Azureus\torrents\ADOBE_ILLUSTRATOR_CS3__with_CRACK_-Fenopy.com[1].torrent
C:\DOCUME~1\HP_PRO~1\Dati applicazioni\Azureus\torrents\Adobe_Premiere_Pro_CS3_Keygen_Crack[1].torrent
C:\DOCUME~1\HP_PRO~1\Desktop\calice\cs3 installe\Adobe Photoshop Cs3 Extended v10.0 Fr {Trial Crack - Windows 2000, Xp & Vista}.rar
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\Adobe Flash Cs3 Professional Fr Crack Par Fatah Fr.rar
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\Derive 6 (Programma Matematica) Ita Crack.zip
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\Derive 6 Ita Crack.zip
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\adobe cs2\Adobe Photoshop Cs2 Fr Cd-Original Keygen Activation.iso
C:\DOCUME~1\HP_PRO~1\Desktop\derive\derive.6.ita.+.crack(1).zip
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\keygen Autocad
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\keygen Autocad\keygen AUTOCAD.exe
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\nero 7,5\capturer password yahoo including crack TSRh.zip
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\nero 7,5\capturer password yahoo including keygen by black_x.zip
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\Nvo Music\terys\norton antivirus 2007 full crack serial keygen symantec antivirus 2007 (scaricato)(2)(2).txt
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\Nvo Music\terys\symantec norton antivirus 2007 full version + keygen_rar - infectado.txt
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\terys\___ARESTRA___adobe photoshop cs2 v 9 0 multilanguage [en it fr de es jp]+plug-ins+keygen+crack.iso
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\terys\___ARESTRA___adobe photoshop cs3 multilanguage [en-fr-it-ru-ch-es] with keygen+crack+patch by tzajum.zip
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\info.nfo
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\Install.txt
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\XF-ACADLT2k9-32bit-KG.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\XF-ACADLT2k9-64bit-KG.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Avast 4.8.1296 Professional [h33t] - XPLOSiON\Keygen.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Derive v6.10\crack
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Derive v6.10\crack\Derive6.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Derive v6.10\crack\key.reg
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack\Derive6.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack\Derive6.INI
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack\key.reg
C:\DOCUME~1\HP_PRO~1\Documenti\keygen AUTOCAD.exe
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\ADOBE.ILLUSTRATOR.CS3 (with CRACK).daa
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\ADOBE.ILLUSTRATOR.CS3 (with CRACK).nfo
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\Torrent downloaded from Demonoid.com.txt
C:\DOCUME~1\HP_PRO~1\Impostazioni locali\Dati applicazioni\ApplicationHistory\Sida Milennum Keygen.exe.5480ca1f.ini
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen\hpothb07.dat
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen\hpothb07.tif
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen\Readme.txt.txt

1 - "C:\ToolBar SD\TB_1.txt" - 29/01/2009|14.59 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 29/01/2009|23.27 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 26/06/2009|18.49 - Option : [1]

-----------\\ Fin du rapport a 18.49.36,93
Anonymous user
 
• Cleaning with ToolBar S&D:
• !! Disconnect and close all your running applications for the duration of the procedure !!
• Relaunch Toolbar-S&D by double-clicking the shortcut.
• Type option 2 ("nettoyage", i.e. cleaning) then press "Enter".
• Note: do not touch anything during the removal!!
• A report will be generated at the end of the process: post its contents in your next reply
• Along with a new HijackThis report for analysis ...
-----------------------------------------------------------------------------------------------------------------
Tcali Posts: 112 Status: Member
 
Thanks
report 1

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 01/18/2007 Ver: 08.00.12
USER : HP_Proprietario ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090625-0] 4.8.1335 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:39 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (USB) - FAT32 - Total:1933 Mo (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 26/06/2009|20.12 )

-----------\\ SUPPRESSION

Supprime! - C:\Programmi\GamesBar\Localization2-Italian.ini
Supprime! - C:\Programmi\GamesBar

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ Extensions

(HP_Proprietario) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(HP_Proprietario) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript
(HP_Proprietario) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(HP_Proprietario) - {d832c3e4-1a62-48ea-9a1f-5091a1ec3bc5} => cookiebutton
(HP_Proprietario) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/"
"Start Page"="https://fr.yahoo.com/"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Start Page Redirect Cache"="https://www.msn.com/it-it"
"Search bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search bar"="http://www.bing.com/spresults.aspx"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\HP_PRO~1\Dati applicazioni\Azureus\torrents\ADOBE_ILLUSTRATOR_CS3__with_CRACK_-Fenopy.com[1].torrent
C:\DOCUME~1\HP_PRO~1\Dati applicazioni\Azureus\torrents\Adobe_Premiere_Pro_CS3_Keygen_Crack[1].torrent
C:\DOCUME~1\HP_PRO~1\Desktop\calice\cs3 installe\Adobe Photoshop Cs3 Extended v10.0 Fr {Trial Crack - Windows 2000, Xp & Vista}.rar
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\Adobe Flash Cs3 Professional Fr Crack Par Fatah Fr.rar
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\Derive 6 (Programma Matematica) Ita Crack.zip
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\Derive 6 Ita Crack.zip
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\adobe cs2\Adobe Photoshop Cs2 Fr Cd-Original Keygen Activation.iso
C:\DOCUME~1\HP_PRO~1\Desktop\derive\derive.6.ita.+.crack(1).zip
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\keygen Autocad
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\keygen Autocad\keygen AUTOCAD.exe
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\nero 7,5\capturer password yahoo including crack TSRh.zip
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\nero 7,5\capturer password yahoo including keygen by black_x.zip
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\Nvo Music\terys\norton antivirus 2007 full crack serial keygen symantec antivirus 2007 (scaricato)(2)(2).txt
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\Nvo Music\terys\symantec norton antivirus 2007 full version + keygen_rar - infectado.txt
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\terys\___ARESTRA___adobe photoshop cs2 v 9 0 multilanguage [en it fr de es jp]+plug-ins+keygen+crack.iso
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\terys\___ARESTRA___adobe photoshop cs3 multilanguage [en-fr-it-ru-ch-es] with keygen+crack+patch by tzajum.zip
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\info.nfo
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\Install.txt
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\XF-ACADLT2k9-32bit-KG.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\XF-ACADLT2k9-64bit-KG.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Avast 4.8.1296 Professional [h33t] - XPLOSiON\Keygen.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Derive v6.10\crack
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Derive v6.10\crack\Derive6.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Derive v6.10\crack\key.reg
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack\Derive6.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack\Derive6.INI
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack\key.reg
C:\DOCUME~1\HP_PRO~1\Documenti\keygen AUTOCAD.exe
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\ADOBE.ILLUSTRATOR.CS3 (with CRACK).daa
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\ADOBE.ILLUSTRATOR.CS3 (with CRACK).nfo
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\Torrent downloaded from Demonoid.com.txt
C:\DOCUME~1\HP_PRO~1\Impostazioni locali\Dati applicazioni\ApplicationHistory\Sida Milennum Keygen.exe.5480ca1f.ini
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen\hpothb07.dat
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen\hpothb07.tif
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen\Readme.txt.txt

1 - "C:\ToolBar SD\TB_1.txt" - 29/01/2009|14.59 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 29/01/2009|23.27 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 26/06/2009|18.49 - Option : [1]
4 - "C:\ToolBar SD\TB_4.txt" - 26/06/2009|20.15 - Option : [2]

-----------\\ Fin du rapport a 20.15.38,32
Anonymous user
 
You should delete all your cracks, which are a vector for infections. A link to understand the danger of cracks.
https://forum.malekal.com/viewtopic.php?t=893&start=
• Download: http://images.malwareremoval.com/random/RSIT.exe

/!\ Important (on Vista) /!\
You must run RSIT with administrator rights; to do so, right-click RSIT and choose "Run as administrator"

• Double-click RSIT.exe to launch the tool.
• Click 'Continue' on the Disclaimer screen.
• If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
• Once the scan is finished, 2 reports will appear. Post the contents of both reports.
( C:\RSIT\log.txt and C:\RSIT\info.txt )
• CTRL A to select all, CTRL C to copy, then CTRL V to paste
• Tutorial: https://www.androidworld.fr/
Tcali Posts: 112 Status: Member
 
report
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Proprietario at 2009-06-26 20:56:56
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 41 GB (28%) free of 147 GB
Total RAM: 959 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:56:59, on 26/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\Windows Live\Family Safety\fsssvc.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmi\D-Link\AirPlus G\AirGCFG.exe
C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Windows Live\Family Safety\fsui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Programmi\BitComet\BitComet.exe
C:\Programmi\LowRateVoip\LowRateVoip.exe
C:\Programmi\InternetCalls.com\InternetCalls\InternetCalls.exe
C:\Programmi\Ares Ultra\Ares Ultra.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Programmi\eMule\emule.exe
C:\Programmi\Shiretoko\firefox.exe
C:\WINDOWS\system32\spider.exe
C:\Documents and Settings\HP_Proprietario\Documenti\Downloads\RSIT(2).exe
C:\Programmi\Trend Micro\HijackThis\HP_Proprietario.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn3\yt.dll
R3 - URLSearchHook: Dynamick Toolbar - {125789a1-6861-408e-a342-288a735c5e22} - C:\Programmi\Dynamick\tbDyna.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Dynamick Toolbar - {125789a1-6861-408e-a342-288a735c5e22} - C:\Programmi\Dynamick\tbDyna.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmi\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programmi\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmi\Windows Live Toolbar\msntb.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Dynamick Toolbar - {125789a1-6861-408e-a342-288a735c5e22} - C:\Programmi\Dynamick\tbDyna.dll
O4 - HKLM\..\Run: [HPHUPD08] c:\Programmi\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmi\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Programmi\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [fssui] "C:\Programmi\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Programmi\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LowRateVoip] "C:\Programmi\LowRateVoip\LowRateVoip.exe" -nosplash -minimized
O4 - HKCU\..\Run: [InternetCalls] "C:\Programmi\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
O4 - HKCU\..\Run: [ares ultra] "C:\Programmi\Ares Ultra\Ares Ultra.exe" -h
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Search Protection] C:\Programmi\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O8 - Extra context menu item: Scarica tutti i video usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Scarica tutto usando BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Scarica usando &BitComet - res://C:\Programmi\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programmi\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {BC4B2F36-CC7E-4995-ADF6-EAB4F4C4BA14} (IaxClientOcx Control) - http://fr.smscity.com/Activex/smscity.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/sj/en/check/xp/qdiagh.cab?326
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: Servizio di Google Update (gupdate1c9b099f1a21b2c) (gupdate1c9b099f1a21b2c) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programmi\file comuni\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService.exe
0
Tcali Posts: 112 Status: Member
 
Please, how do I detect the cracks?
Thanks
0
Anonymous user
 
-------------------\\ Cracks & Keygens .. You have all of this on your PC. Certainly from P2P.

C:\DOCUME~1\HP_PRO~1\Dati applicazioni\Azureus\torrents\ADOBE_ILLUSTRATOR_CS3__with_CRACK_-Fenopy.com[1].torrent
C:\DOCUME~1\HP_PRO~1\Dati applicazioni\Azureus\torrents\Adobe_Premiere_Pro_CS3_Keygen_Crack[1].torrent
C:\DOCUME~1\HP_PRO~1\Desktop\calice\cs3 installe\Adobe Photoshop Cs3 Extended v10.0 Fr {Trial Crack - Windows 2000, Xp & Vista}.rar
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\Adobe Flash Cs3 Professional Fr Crack Par Fatah Fr.rar
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\Derive 6 (Programma Matematica) Ita Crack.zip
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\Derive 6 Ita Crack.zip
C:\DOCUME~1\HP_PRO~1\Desktop\calice\Nuova cartella\MUSIQUE\adobe cs2\Adobe Photoshop Cs2 Fr Cd-Original Keygen Activation.iso
C:\DOCUME~1\HP_PRO~1\Desktop\derive\derive.6.ita.+.crack(1).zip
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\keygen Autocad
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\keygen Autocad\keygen AUTOCAD.exe
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\nero 7,5\capturer password yahoo including crack TSRh.zip
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\nero 7,5\capturer password yahoo including keygen by black_x.zip
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\Nvo Music\terys\norton antivirus 2007 full crack serial keygen symantec antivirus 2007 (scaricato)(2)(2).txt
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\Nvo Music\terys\symantec norton antivirus 2007 full version + keygen_rar - infectado.txt
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\terys\___ARESTRA___adobe photoshop cs2 v 9 0 multilanguage [en it fr de es jp]+plug-ins+keygen+crack.iso
C:\DOCUME~1\HP_PRO~1\Desktop\MAURICE\terys\___ARESTRA___adobe photoshop cs3 multilanguage [en-fr-it-ru-ch-es] with keygen+crack+patch by tzajum.zip
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\info.nfo
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\Install.txt
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\XF-ACADLT2k9-32bit-KG.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\AutoCAD LT 2009 x32 ITA [GigaCREW]\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew.part1\AutoCAD.LT.2009.ITA.x32bit.by.GigaCrew\KeyGen x32 x64\XF-ACADLT2k9-64bit-KG.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Avast 4.8.1296 Professional [h33t] - XPLOSiON\Keygen.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Derive v6.10\crack
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Derive v6.10\crack\Derive6.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TELECHARGEMENT\Derive v6.10\crack\key.reg
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack\Derive6.exe
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack\Derive6.INI
C:\DOCUME~1\HP_PRO~1\Desktop\TEMEZE\TELECHARGEMENT\Derive v6.10\crack\key.reg
C:\DOCUME~1\HP_PRO~1\Documenti\keygen AUTOCAD.exe
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\ADOBE.ILLUSTRATOR.CS3 (with CRACK).daa
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\ADOBE.ILLUSTRATOR.CS3 (with CRACK).nfo
C:\DOCUME~1\HP_PRO~1\Documenti\Azureus Downloads\ADOBE.ILLUSTRATOR.CS3 (with CRACK)\Torrent downloaded from Demonoid.com.txt
C:\DOCUME~1\HP_PRO~1\Impostazioni locali\Dati applicazioni\ApplicationHistory\Sida Milennum Keygen.exe.5480ca1f.ini
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen\hpothb07.dat
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen\hpothb07.tif
C:\DOCUME~1\ALLUSE~1\Documenti\Autodesk AutoCAD 2007 - keygen\Readme.txt.txt
-------------------------------------------------------------------------------------------------------------------------

• Download: Unlocker
• Install the program. Uncheck Ebay.
• Go to the folder or file to delete, right-click it, and launch Unlocker from that right-click menu.
• For you this will be: C:\Programmi\Dynamick\tbDyna.dll
• Choose delete.
------------------------------------------------------------------------------------------------------------------
Post a new HijackThis report. Then we will clean up all the unnecessary processes you have at startup.
0