Se connecter avec
S'enregistrer | Connectez-vous

Comment désinstaler WinAntivirus Pro 2006

Dernière réponse : dans Sécurité
Lassé par la pub ? Créez un compte

Bonjour

Télécharge le logiciel HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

Fais un scan et poste l'analyse.


Télécharge Blacklight (de F-Secure) et sauvegarde le sur ton Bureau.
https://europe.f-secure.com/blacklight/try.shtml
Clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.

Double-clique blbeta.exe et accepte la licence; clique Scan puis Next

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

Copie et colle le contenu de ce rapport dans ta prochaine réponse

Salut Chercheurpaca,

je vous copie/colle HijachThis:

Logfile of HijackThis v1.99.1
Scan saved at 16.22.53, on 17/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\acs.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\Launch Manager\LaunchAp.exe
C:\Programmi\Launch Manager\PowerKey.exe
C:\Programmi\Launch Manager\HotkeyApp.exe
C:\Programmi\Launch Manager\OSDCtrl.exe
C:\Programmi\Launch Manager\Wbutton.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Atheros\ACU.exe
C:\Programmi\a-squared Anti-Malware\a2guard.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\acer\Empowering Technology\ePower\epm-dm.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Programmi\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Windows Defender\MsMpEng.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\SearchTool\nsn4D.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {E954DB82-1533-4714-92F2-59C98D5C18CC} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Programmi\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Programmi\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Programmi\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Programmi\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Programmi\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Programmi\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ACU] C:\Programmi\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [a-squared] "C:\Programmi\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [kav] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ccleaner] "C:\Programmi\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/1.0.0971.42/...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://solsikke68.spaces.live.com//PhotoUpload/MsnPUpld...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Servizio di configurazione Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared files\RichVideo.exe

__________________________________________
blbeta: fsbl-20061117152

11/17/06 16:26:07 [Info]: BlackLight Engine 1.0.47 initialized
11/17/06 16:26:07 [Info]: OS: 5.1 build 2600 (Service Pack 2)
11/17/06 16:26:07 [Note]: 7019 4
11/17/06 16:26:07 [Note]: 7005 0
11/17/06 16:26:20 [Note]: 7006 0
11/17/06 16:26:20 [Note]: 7011 1380
11/17/06 16:26:20 [Note]: 7026 0
11/17/06 16:26:20 [Note]: 7026 0
11/17/06 16:26:28 [Note]: FSRAW library version 1.7.1020

J'ai meme Windows defender en cas ....

Merçi

Rien avec BlackLight et Hijackhis.

Télécharge Silent Runners
http://www.silentrunners.org/Silent%20Runners.zip

Si tu as une alerte de ton antivirus au cours du téléchargement, ou au cours de son utilisation au sujet de ce script, n'en tiend pas compte.

Une fois téléchargé,tu le dézippes dans un dossier dédié.
Puis tu double cliques sur ce fichier,il va travailler, patiente jusqu'à l'affichage d'un message.
Un rapport est généré dans le meme dossier, colle le ici.
La fin doit ressembler à ceci

Citation :
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 104 seconds.
+ The search for all Registry CLSIDs containing dormant Explorer Bars
took 14 seconds.
---------- (total run time: 162 seconds)

je poste le raport mais mon Antivi n'a pas réagé apparament il a reconnue la source "Silent Runners" , je tiens à signalé que WinAntivirus Pro 2006 est sur le panneau de controle et me fait ouvrire des pages Pubs, et quand IE n'arrive pas à trouvé un Url précise au lieu de la configuration classique "Impossible de trouver.....etc", ou il me demende de le télécharger ou il me déroute sur cet Url : directory.acu-search.com

Merçi encore Chercheurp ca
----------------------------------------
"Silent Runners.vbs", revision 49, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ccleaner" = ""C:\Programmi\CCleaner\ccleaner.exe" /AUTO" ["Piriform Ltd"]
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"PHIME2002ASync" = ""C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC" [MS]
"PHIME2002A" = ""C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName" [MS]
"SynTPLpr" = "C:\Programmi\Synaptics\SynTP\SynTPLpr.exe" ["Synaptics, Inc."]
"SynTPEnh" = "C:\Programmi\Synaptics\SynTP\SynTPEnh.exe" ["Synaptics, Inc."]
"RemoteControl" = "C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe" ["Cyberlink Corp."]
"LaunchAp" = ""C:\Programmi\Launch Manager\LaunchAp.exe"" [empty string]
"PowerKey" = ""C:\Programmi\Launch Manager\PowerKey.exe"" [empty string]
"LManager" = ""C:\Programmi\Launch Manager\HotkeyApp.exe"" ["Wistron"]
"CtrlVol" = ""C:\Programmi\Launch Manager\CtrlVol.exe"" ["Wistron"]
"LMgrOSD" = ""C:\Programmi\Launch Manager\OSDCtrl.exe"" [empty string]
"Wbutton" = ""C:\Programmi\Launch Manager\Wbutton.exe"" [empty string]
"Acer ePower Management" = "C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot" ["Acer Value Labs, Taiwan"]
"ADMTray.exe" = ""C:\Acer\Empowering Technology\admtray.exe"" ["Avocent Inc."]
"eDataSecurity Loader" = "C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" ["HiTRUST"]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"TkBellExe" = ""C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."]
"ACU" = "C:\Programmi\Atheros\ACU.exe -nogui" ["Atheros Communications, Inc."]
"a-squared" = ""C:\Programmi\a-squared Anti-Malware\a2guard.exe"" ["Emsi Software GmbH"]
"kav" = ""C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"" ["Kaspersky Lab"]
"LanguageShortcut" = "C:\Programmi\CyberLink\PowerDVD\Language\Language.exe" [null data]
"EPM-DM" = "c:\acer\Empowering Technology\ePower\epm-dm.exe" ["Acer Inc"]
"igfxtray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"]
"igfxhkcmd" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"]
"igfxpers" = "C:\WINDOWS\system32\igfxpers.exe" ["Intel Corporation"]
"Windows Defender" = ""C:\Programmi\Windows Defender\MSASCui.exe" -hide" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\(Default) = "ohb"
-> {HKLM...CLSID} = "ohb Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\SearchTool\nsn4D.dll" [null data]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll" ["Sun Microsystems, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Estensione di icona di HyperTerminal"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Programmi\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics, Inc."]
"{2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0}" = "EPM-PO Shell Extension"
-> {HKLM...CLSID} = "EPM-PO Shell Extensions"
\InProcServer32\(Default) = "epm-po.dll" ["Acer Labs USA"]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Estensione dell'icona del file di Outlook"
\InProcServer32\(Default) = "C:\Programmi\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Programmi\Microsoft Office\Office10\msohev.dll" [MS]
"{acb4a560-3606-11d3-aef4-00104bd0f92d}" = "KodakShellExtension"
-> {HKLM...CLSID} = "KodakShellExtension"
\InProcServer32\(Default) = "C:\Programmi\File comuni\Kodak\ifscore\KodakShX.dll" ["Eastman Kodak Company"]
"{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler"
-> {HKLM...CLSID} = "NeroDigitalIconHandler Class"
\InProcServer32\(Default) = "C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
"{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler"
-> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class"
\InProcServer32\(Default) = "C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Programmi\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{AB77609F-2178-4E6F-9C4B-44AC179D937A}" = "a-squared Context Menu Shell Extension"
-> {HKLM...CLSID} = "a-squared context menu"
\InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" ["Emsi Software GmbH"]
"{85E0B171-04FA-11D1-B7DA-00A0C90348D6}" = "Antivirus Internet"
-> {HKLM...CLSID} = "Antivirus Internet"
\InProcServer32\(Default) = "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" = "Microsoft AntiMalware ShellExecuteHook"
-> {HKLM...CLSID} = "Microsoft AntiMalware ShellExecuteHook"
\InProcServer32\(Default) = "C:\PROGRA~1\WINDOW~4\MpShHook.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\System\CurrentControlSet\Control\Session Manager\
<<!>> "BootExecute" = "autocheck autochk *"| [file not found]|"****" (unwritable string) [file not found]|"SsiEfr.exe" [file not found]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> igfxcui\DLLName = "igfxdev.dll" ["Intel Corporation"]
<<!>> klogon\DLLName = "C:\WINDOWS\system32\klogon.dll" ["Kaspersky Lab"]
<<!>> WRNotifier\DLLName = "WRLogonNTF.dll" [file not found]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler"
-> {HKLM...CLSID} = "NeroDigitalColumnHandler Class"
\InProcServer32\(Default) = "C:\Programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Programmi\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
EDSshellExt\(Default) = "{29FF7AB0-BE34-4992-A30B-53A9D86EE239}"
-> {HKLM...CLSID} = "eDSshlExt Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\eDSshellExt.dll" ["HiTRUST"]
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
EDSshellExt\(Default) = "{29FF7AB0-BE34-4992-A30B-53A9D86EE239}"
-> {HKLM...CLSID} = "eDSshlExt Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\eDSshellExt.dll" ["HiTRUST"]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
a2ContMenu\(Default) = "{AB77609F-2178-4E6F-9C4B-44AC179D937A}"
-> {HKLM...CLSID} = "a-squared context menu"
\InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" ["Emsi Software GmbH"]
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"]

HKLM\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\
a2ContMenu\(Default) = "{AB77609F-2178-4E6F-9C4B-44AC179D937A}"
-> {HKLM...CLSID} = "a-squared context menu"
\InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" ["Emsi Software GmbH"]


Group Policies {policy setting}:
--------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"DisableRegistryTools" = (REG_DWORD) hex:0x00000000
{Prevent access to registry editing tools}

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Devices: Allow undock without having to log on}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\MATRIX~1.SCR" (Matrix Code Emulator.scr) [null data]


Startup items in "pina" & "All Users" startup folders:
------------------------------------------------------

C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
"Adobe Reader Speed Launch" -> shortcut to: "C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"Microsoft Office" -> shortcut to: "C:\Programmi\Microsoft Office\Office10\OSA.EXE -b -l" [MS]
"Adobe Gamma Loader.exe" -> shortcut to: "C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]
"hpoddt01.exe" -> shortcut to: "C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" ["Hewlett-Packard"]
"hp psc 1000 series" -> shortcut to: "C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe" ["Hewlett-Packard Co."]


Enabled Scheduled Tasks:
------------------------

"FRU Task #Hewlett-Packard#hp psc 1100 series#1151335642" -> launches: "C:\Programmi\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe -I "#Hewlett-Packard#hp psc 1100 series#1151335642"" [empty string]
"MP Scheduled Scan" -> launches: "C:\Programmi\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges" [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 11
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}"
-> {HKLM...CLSID} = "Acer eDataSecurity Management"
\InProcServer32\(Default) = "C:\WINDOWS\system32\eDStoolbar.dll" ["HiTRUST"]
"{F2CF5485-4E02-4F68-819C-B92DE9277049}"
-> {HKLM...CLSID} = "&Links"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}" = (no title provided)
-> {HKLM...CLSID} = "Acer eDataSecurity Management"
\InProcServer32\(Default) = "C:\WINDOWS\system32\eDStoolbar.dll" ["HiTRUST"]

Explorer Bars

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\

HKLM\Software\Classes\CLSID\{85E0B171-04FA-11D1-B7DA-00A0C90348D6}\(Default) = "Antivirus Internet"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"]

HKLM\Software\Classes\CLSID\{85E0B171-04FA-11D1-B7DA-00A0C90348D7}\(Default) = "Search Tool"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\WINDOWS\system32\SearchTool\SearchTool.dll" [null data]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.5.0_09"
\InProcServer32\(Default) = "C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_09"
\InProcServer32\(Default) = "C:\Programmi\Java\jre1.5.0_09\bin\npjpi150_09.dll" ["Sun Microsystems, Inc."]

{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\
"ButtonText" = "Antivirus Internet"

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Programmi\Messenger\msmsgs.exe" [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

AdminWorks Agent X6, AWService, ""C:\Acer\Empowering Technology\admServ.exe"" ["Avocent Inc."]
Cyberlink RichVideo Service(CRVS), RichVideo, ""C:\Programmi\CyberLink\Shared files\RichVideo.exe"" [empty string]
Kaspersky Anti-Virus 6.0, AVP, ""C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r" ["Kaspersky Lab"]
Servizio di configurazione Atheros, ACS, "C:\WINDOWS\system32\acs.exe" [null data]
Windows Defender, WinDefend, ""C:\Programmi\Windows Defender\MsMpEng.exe"" [MS]


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
hpzsnt07\Driver = "hpzsnt07.dll" ["HP"]
Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]


----------
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 59 seconds, including 18 seconds for message boxes)

Re

Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.

1 Télécharge clean.zip
http://www.malekal.com/download/clean.zip
Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.

2 Redémarre en mode sans echec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.

3 Relance un scan HijackThis et coche les lignes ci-dessous :

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\SearchTool\nsn4D.dll
O2 - BHO: (no name) - {E954DB82-1533-4714-92F2-59C98D5C18CC} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Programmi\CCleaner\ccleaner.exe" /AUTO
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/inst [...] bAgent.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://solsikke68.spaces.live.com/ [...] nPUpld.cab
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

4 Assure toi d'avoir accés à tous les fichiers.
Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer

5 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

C:\WINDOWS\system32\SearchTool

Recache les fichiers systeme afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.

6 Ouvre le dossier Clean qui se trouve sur ton bureau.
Double-clic sur clean.cmd.
Une fenêtre noire va apparaître, suis les consignes.

7 Redémarre normalement et poste un nouveau log HijackThis avec le rapport qui se trouve ici C:\rapport_clean.txt

Re,

voici les rapports mais WinAntivirus Pro 2006 est tjs prèsent dans le panneau de controle et le PC un peu lent, quoi faire de plus?

--------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 19.00.42, on 17/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\Launch Manager\LaunchAp.exe
C:\Programmi\Launch Manager\PowerKey.exe
C:\Programmi\Launch Manager\HotkeyApp.exe
C:\Programmi\Launch Manager\OSDCtrl.exe
C:\Programmi\Launch Manager\Wbutton.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Programmi\Atheros\ACU.exe
C:\Programmi\a-squared Anti-Malware\a2guard.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\acer\Empowering Technology\ePower\epm-dm.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Programmi\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Programmi\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Programmi\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Programmi\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Programmi\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Programmi\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Programmi\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Programmi\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ACU] C:\Programmi\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [a-squared] "C:\Programmi\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [kav] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmi\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Servizio di configurazione Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared files\RichVideo.exe

-------------------------------------------
Script clean par Malekal_morte - http://www.malekal.com

Microsoft Windows XP [Versione 5.1.2600]
Script execute en mode sans echec

*** Suppression de fichiers sur C:
C:\UNWISE.EXE FOUND

*** Suppression des fichiers dans C:\WINDOWS\
C:\WINDOWS\RUNXMLPL.exe FOUND

*** Suppression des fichiers dans C:\WINDOWS\system32


*** Suppression des clefs du registre effectuee..



Télécharge DiagHelp.zip (de Malekal_Morte) sur ton bureau
http://www.malekal.com/download/DiagHelp.zip
- Fais un clic droit sur le fichier et extraire tout
- Un nouveau dossier chercher va être créé DiagHelp
- Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
- Une fenêtre va s'ouvrir, choisis l'option 1
- L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
- Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-- A nouveau menu Edition / copier
-- Dans un nouveau message ici, faire un clic droit / coller

Re,
voici le rapport,

-----------------------------

C:\WINDOWS\System32\wpa.dbl -->17/11/2006 18.57.24
C:\WINDOWS\System32\amcompat.tlb -->16/11/2006 16.09.44
C:\WINDOWS\System32\nscompat.tlb -->16/11/2006 16.09.44
C:\WINDOWS\System32\results.txt -->13/11/2006 18.06.04
C:\WINDOWS\System32\large.bnk -->08/11/2006 17.38.22
C:\WINDOWS\System32\livesnth.dll -->08/11/2006 17.38.20
C:\WINDOWS\System32\cf_lic.txt -->08/11/2006 17.38.20
C:\WINDOWS\System32\MRT.exe -->08/11/2006 2.38.14
C:\WINDOWS\System32\tmp.txt -->06/11/2006 23.39.04
C:\WINDOWS\System32\tmp.reg -->06/11/2006 23.39.04
C:\WINDOWS\System32\msxml4.dll -->04/11/2006 14.14.00
C:\WINDOWS\System32\PerfStringBackup.INI -->03/11/2006 19.30.50
C:\WINDOWS\System32\perfh010.dat -->03/11/2006 19.30.50
C:\WINDOWS\System32\perfc010.dat -->03/11/2006 19.30.50
C:\WINDOWS\System32\perfh009.dat -->03/11/2006 19.30.50
C:\WINDOWS\System32\perfc009.dat -->03/11/2006 19.30.50
C:\WINDOWS\System32\eRLog.ini -->01/11/2006 22.59.10
C:\WINDOWS\System32\jupdate-1.5.0_09-b03.log -->01/11/2006 18.39.08
C:\WINDOWS\System32\xvid.ax -->01/11/2006 15.26.00
C:\WINDOWS\System32\xvidvfw.dll -->01/11/2006 14.54.30
C:\WINDOWS\System32\xvidcore.dll -->01/11/2006 14.52.38
C:\WINDOWS\System32\ikhcore.log -->29/10/2006 17.33.32
C:\WINDOWS\System32\clrviddc.dll -->29/10/2006 13.16.10
C:\WINDOWS\System32\FNTCACHE.DAT -->29/10/2006 12.09.52
C:\WINDOWS\System32\wininet.dll -->27/10/2006 15.09.58

C:\WINDOWS\WindowsUpdate.log -->17/11/2006 19.05.38
C:\WINDOWS\0.log -->17/11/2006 18.57.18
C:\WINDOWS\wiadebug.log -->17/11/2006 18.57.16
C:\WINDOWS\bootstat.dat -->17/11/2006 18.57.02
C:\WINDOWS\setupact.log -->17/11/2006 18.53.12
C:\WINDOWS\setuperr.log -->17/11/2006 18.53.06
C:\WINDOWS\ntbtlog.txt -->17/11/2006 18.43.26
C:\WINDOWS\SchedLgU.Txt -->17/11/2006 18.41.50
C:\WINDOWS\wiaservc.log -->17/11/2006 18.41.48
C:\WINDOWS\spupdsvc.log -->17/11/2006 10.39.00
C:\WINDOWS\Sti_Trace.log -->17/11/2006 10.38.58
C:\WINDOWS\NeroDigital.ini -->16/11/2006 19.53.20
C:\WINDOWS\wininit.ini -->15/11/2006 17.59.44
C:\WINDOWS\win.ini -->15/11/2006 14.43.46
C:\WINDOWS\liveup.ini -->13/11/2006 22.27.54

C:\WINDOWS\twunk_16.exe |Twain Working Group |19/08/2004 20:00:00
C:\WINDOWS\twunk_32.exe |Twain Working Group |19/08/2004 20:00:00
C:\WINDOWS\unins000.exe |COMPANY |08/11/2006 19:04:31
C:\WINDOWS\LaunApp.exe |Wistron Corp. |29/12/2003 09:38:04
C:\WINDOWS\XMLaunch.exe |COMPANY |14/05/2004 13:04:36
C:\WINDOWS\IsUninst.exe |InstallShield Software Corporation |29/10/1998 16:45:06
C:\WINDOWS\alcrmv.exe |Realtek Semiconductor Corp. |02/03/2005 20:21:42
C:\WINDOWS\alcupd.exe |Realtek Semiconductor Corp. |03/02/2005 15:13:02
C:\WINDOWS\SOUNDMAN.EXE |Realtek Semiconductor Corp. |15/04/2005 11:01:46
C:\WINDOWS\UNINST32.EXE |Dritek System Inc. |27/05/2006 20:31:13
C:\WINDOWS\IsUn0410.exe |InstallShield Software Corporation, Inc. |04/06/2006 13:25:48
C:\WINDOWS\UNNeroVision.exe |Nero AG |29/08/2006 23:08:47
C:\WINDOWS\iun6002.exe |Indigo Rose Corporation |23/10/2006 05:13:40
C:\WINDOWS\twain.dll |Twain Working Group |19/08/2004 20:00:00
C:\WINDOWS\twain_32.dll |Twain Working Group |19/08/2004 20:00:00
C:\WINDOWS\FsMpegDll.dll |Wabbit's |12/02/1998 16:54:04
C:\WINDOWS\AlchemyXML.dll |Wistron Corporation |19/10/2004 19:20:12
C:\WINDOWS\Capsule.dll |COMPANY |21/01/2005 11:48:06
C:\WINDOWS\iconv.dll |COMPANY |24/11/2003 15:55:32
C:\WINDOWS\libxml2.dll |COMPANY |24/11/2003 15:55:48
C:\WINDOWS\RtlExUpd.dll |Realtek Semiconductor Corp. |01/03/2005 16:49:44
C:\WINDOWS\icccodes.dll |Eastman Kodak Company |04/06/2006 13:27:43
C:\WINDOWS\kpcp32.dll |Eastman Kodak Company |04/06/2006 13:27:43
C:\WINDOWS\kpsys32.dll |Eastman Kodak Company |04/06/2006 13:27:43
C:\WINDOWS\pfpick.dll |Eastman Kodak Company |04/06/2006 13:27:43
C:\WINDOWS\sprof32.dll |Eastman Kodak Company |04/06/2006 13:27:43
C:\WINDOWS\system32\append.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\debug.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\dvdplay.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\edlin.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\exe2bin.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\fastopen.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\java.exe |Sun Microsystems, Inc. |01/11/2006 18:39:08
C:\WINDOWS\system32\acs.exe |COMPANY |02/11/2006 19:43:30
C:\WINDOWS\system32\mem.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\mscdexnt.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\nlsfunc.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\setver.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\share.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\usrmlnka.exe |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrprbda.exe |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrshuta.exe |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\javaw.exe |Sun Microsystems, Inc. |01/11/2006 18:39:08
C:\WINDOWS\system32\AegisI5.exe |COMPANY |02/11/2006 19:41:48
C:\WINDOWS\system32\javaws.exe |Sun Microsystems, Inc. |01/11/2006 18:39:08
C:\WINDOWS\system32\dosx.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\igfxsrvc.exe |Intel Corporation |24/08/2005 12:47:08
C:\WINDOWS\system32\igfxcfg.exe |Intel Corporation |24/08/2005 12:49:54
C:\WINDOWS\system32\igfxzoom.exe |Intel Corporation |24/08/2005 12:50:58
C:\WINDOWS\system32\redir.exe |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\BCMWLU00.EXE |Broadcom Corporation |22/12/2004 01:32:54
C:\WINDOWS\system32\igfxtray.exe |Intel Corporation |24/08/2005 12:50:30
C:\WINDOWS\system32\hkcmd.exe |Intel Corporation |24/08/2005 12:47:18
C:\WINDOWS\system32\igfxpers.exe |Intel Corporation |24/08/2005 12:51:12
C:\WINDOWS\system32\igfxext.exe |Intel Corporation |24/08/2005 12:51:04
C:\WINDOWS\system32\ialmudlg.exe |Intel(r) Corporation |24/08/2005 12:56:30
C:\WINDOWS\system32\ChCfg.exe |COMPANY |27/10/2004 15:47:00
C:\WINDOWS\system32\RTLCPL.EXE |Realtek Semiconductor Corp. |18/04/2005 20:31:48
C:\WINDOWS\system32\Uninstall_eRecovery.exe |Acer Inc. |27/05/2006 20:33:03
C:\WINDOWS\system32\aswBoot.exe |COMPANY |04/06/2006 12:10:07
C:\WINDOWS\system32\HPZipm12.exe |HP |26/06/2006 17:25:14
C:\WINDOWS\system32\HPZinw12.exe |HP |26/06/2006 17:25:14
C:\WINDOWS\system32\pxhpinst.exe |Sonic Solutions |23/09/2004 02:03:00
C:\WINDOWS\system32\NeroCheck.exe |Ahead Software Gmbh |29/08/2006 23:11:44
C:\WINDOWS\system32\brrot-uninst.exe |COMPANY |24/10/2006 22:12:59
C:\WINDOWS\system32\DivXsm.exe |COMPANY |02/06/2006 00:07:44
C:\WINDOWS\system32\pxinsa64.exe |Sonic Solutions |25/10/2006 14:28:10
C:\WINDOWS\system32\pxinsi64.exe |Sonic Solutions |25/10/2006 14:28:10
C:\WINDOWS\system32\pxcpya64.exe |Sonic Solutions |25/10/2006 14:28:10
C:\WINDOWS\system32\pxcpyi64.exe |Sonic Solutions |25/10/2006 14:28:10
C:\WINDOWS\system32\DivXCodecUpdateChecker.exe |DivX, Inc. |12/07/2006 00:33:49
C:\WINDOWS\system32\swreg.exe |SteelWerX |06/11/2006 23:24:56
C:\WINDOWS\system32\swsc.exe |COMPANY |06/11/2006 23:24:56
C:\WINDOWS\system32\SrchSTS.exe |S!Ri |06/11/2006 23:24:56
C:\WINDOWS\system32\athcfg11.dll |Atheros |02/11/2006 19:41:47
C:\WINDOWS\system32\wcapi.dll |Atheros |02/11/2006 19:41:48
C:\WINDOWS\system32\hypertrm.dll |Hilgraeve, Inc. |19/08/2004 20:00:00
C:\WINDOWS\system32\wgapi.dll |Atheros |02/11/2006 19:41:48
C:\WINDOWS\system32\ir32_32.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\jgaw400.dll |Johnson-Grace Company |19/08/2004 20:00:00
C:\WINDOWS\system32\jgmd400.dll |Johnson-Grace Company |19/08/2004 20:00:00
C:\WINDOWS\system32\jgdw400.dll |America Online |19/08/2004 20:00:00
C:\WINDOWS\system32\jgsd400.dll |America Online |19/08/2004 20:00:00
C:\WINDOWS\system32\jgsh400.dll |Johnson-Grace Company |19/08/2004 20:00:00
C:\WINDOWS\system32\mdwmdmsp.dll |RioPort |19/08/2004 20:00:00
C:\WINDOWS\system32\msencode.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\hpotscl.dll |COMPANY |09/03/2003 22:31:04
C:\WINDOWS\system32\slbrccsp.dll |Schlumberger Technology Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\spnike.dll |S3/Diamond Multimedia |19/08/2004 20:00:00
C:\WINDOWS\system32\sprio600.dll |S3/Diamond Multimedia |19/08/2004 20:00:00
C:\WINDOWS\system32\sprio800.dll |S3/Diamond Multimedia |19/08/2004 20:00:00
C:\WINDOWS\system32\tsd32.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\win87em.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\paqsp.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\usrcntra.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrcoina.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrdpa.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrdtea.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrfaxa.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrlbva.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrrtosa.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrsdpia.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrsvpia.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrv42a.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrv80a.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrvoica.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\usrvpa.dll |U.S. Robotics Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\vsdata.dll |Zone Labs Inc. |28/05/2006 10:24:36
C:\WINDOWS\system32\vsmonapi.dll |Zone Labs Inc. |28/05/2006 10:24:36
C:\WINDOWS\system32\MDMXSDK.DLL |Conexant |13/11/2006 18:25:30
C:\WINDOWS\system32\vspubapi.dll |Zone Labs Inc. |28/05/2006 10:24:38
C:\WINDOWS\system32\HSFCI012.DLL |Conexant Systems, Inc. |13/11/2006 18:25:30
C:\WINDOWS\system32\pcdlib32.dll |Eastman Kodak |09/12/1998 02:53:58
C:\WINDOWS\system32\hpgwiamd.dll |Hewlett-Packard |28/02/2003 10:10:02
C:\WINDOWS\system32\AegisE5.dll |Meetinghouse Data Communications |02/11/2006 19:41:48
C:\WINDOWS\system32\amstream.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\atmfd.dll |Adobe Systems Incorporated |19/08/2004 20:00:00
C:\WINDOWS\system32\atmlib.dll |Adobe Systems |19/08/2004 20:00:00
C:\WINDOWS\system32\pncrt.dll |Real Networks, Inc |17/09/2006 16:05:22
C:\WINDOWS\system32\encdec.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\compatUI.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\oemdspif.dll |Intel Corporation |24/08/2005 12:51:16
C:\WINDOWS\system32\picn20.dll |Pegasus Imaging Corp. |29/08/2006 23:07:45
C:\WINDOWS\system32\iccvid.dll |Radius Inc. |19/08/2004 20:00:00
C:\WINDOWS\system32\athcfg11res.dll |Atheros Communications, Inc. |02/11/2006 19:41:47
C:\WINDOWS\system32\Epm-Po.dll |Acer Labs USA |27/05/2006 20:32:33
C:\WINDOWS\system32\SynTPCo2.dll |Synaptics, Inc. |04/02/2005 11:14:54
C:\WINDOWS\system32\jgpl400.dll |Johnson-Grace Company |19/08/2004 20:00:00
C:\WINDOWS\system32\igfxdev.dll |Intel Corporation |24/08/2005 12:46:22
C:\WINDOWS\system32\msdmo.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\igfxdo.dll |Intel Corporation |24/08/2005 12:47:24
C:\WINDOWS\system32\ltkrn13n.dll |LEAD Technologies, Inc. |15/11/2006 15:01:15
C:\WINDOWS\system32\qedwipes.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\sbe.dll |COMPANY |19/08/2004 20:00:00
C:\WINDOWS\system32\slbcsp.dll |Schlumberger Technology Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\slbiop.dll |Schlumberger Technology Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\ir41_qc.dll |Intel Corporation. |19/08/2004 20:00:00
C:\WINDOWS\system32\ir41_qcx.dll |Intel Corporation. |19/08/2004 20:00:00
C:\WINDOWS\system32\ir50_32.dll |Intel Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\ir50_qc.dll |Intel Corporation. |19/08/2004 20:00:00
C:\WINDOWS\system32\ir50_qcx.dll |Intel Corporation. |19/08/2004 20:00:00
C:\WINDOWS\system32\hpovst08.dll |Hewlett-Packard Co. |09/03/2003 22:31:04
C:\WINDOWS\system32\hpzcon07.dll |Hewlett-Packard Company |09/03/2003 22:30:50
C:\WINDOWS\system32\hpzcoi07.dll |HP |09/03/2003 22:30:52
C:\WINDOWS\system32\hpzsnt07.dll |HP |09/03/2003 22:30:52
C:\WINDOWS\system32\TwnLib20.dll |Pegasus Software |29/08/2006 23:07:45
C:\WINDOWS\system32\pndx5016.dll |RealNetworks, Inc. |17/09/2006 16:05:24
C:\WINDOWS\system32\UI.dll |TODO: <???> |27/05/2006 20:35:25
C:\WINDOWS\system32\MSVCRT10.DLL |COMPANY |04/06/2006 13:27:36
C:\WINDOWS\system32\EqnClass.Dll |Equinox Systems Inc. |19/08/2004 20:00:00
C:\WINDOWS\system32\spxcoins.dll |Perle Systems Ltd. |19/08/2004 20:00:00
C:\WINDOWS\system32\dgsetup.dll |Digi International |19/08/2004 20:00:00
C:\WINDOWS\system32\dgrpsetu.dll |Digi International, Inc. |19/08/2004 20:00:00
C:\WINDOWS\system32\pndx5032.dll |RealNetworks, Inc. |17/09/2006 16:05:24
C:\WINDOWS\system32\UIVCL.dll |HiTRUST |27/05/2006 20:35:25
C:\WINDOWS\system32\avisynth.dll |The Public |23/02/2006 18:36:20
C:\WINDOWS\system32\rmoc3260.dll |RealNetworks, Inc. |17/09/2006 16:05:36
C:\WINDOWS\system32\hticons.dll |Hilgraeve, Inc. |19/08/2004 20:00:00
C:\WINDOWS\system32\isrdbg32.dll |Intel Corporation |19/08/2004 20:00:00
C:\WINDOWS\system32\devil.dll |Abysmal Software |23/02/2006 18:36:20
C:\WINDOWS\system32\iAlmCoIn_v4020.dll |Intel Corporation |23/01/2005 10:55:54
C:\WINDOWS\system32\ialmgicd.dll |Intel Corporation |23/01/2005 10:52:44
C:\WINDOWS\system32\ialmgdev.dll |Intel Corporation |23/01/2005 10:54:56
C:\WINDOWS\system32\NTICDMK7.dll |COMPANY |06/12/2005 11:57:50
C:\WINDOWS\system32\NTIMPEG2.dll |COMPANY |06/12/2005 11:57:50
C:\WINDOWS\system32\NTIMP3.dll |COMPANY |06/12/2005 11:57:50
C:\WINDOWS\system32\NTIFCD3.dll |COMPANY |06/12/2005 11:57:50
C:\WINDOWS\system32\multiplex_vcd.dll |COMPANY |26/12/2001 16:12:30
C:\WINDOWS\system32\Hmpg12.dll |COMPANY |03/09/2001 23:46:38
C:\WINDOWS\system32\HMPV2_ENC.dll |COMPANY |30/07/2001 16:33:56
C:\WINDOWS\system32\HMPV2_ENC_MMX.dll |COMPANY |23/07/2001 22:04:36
C:\WINDOWS\system32\NTIBUN4.dll |COMPANY |06/12/2005 11:58:42
C:\WINDOWS\system32\XceedSco.dll |Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com |19/05/2003 11:37:20
C:\WINDOWS\system32\XceedCry.dll |Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com |02/02/2003 12:01:34
C:\WINDOWS\system32\iAlmCoIn_v4384.dll |Intel Corporation |24/08/2005 13:12:06
C:\WINDOWS\system32\ialmrnt5.dll |Intel Corporation |24/08/2005 13:12:10
C:\WINDOWS\system32\ialmdnt5.dll |Intel Corporation |24/08/2005 13:12:04
C:\WINDOWS\system32\ialmdev5.dll |Intel Corporation |24/08/2005 13:11:52
C:\WINDOWS\system32\ialmdd5.dll |Intel Corporation |24/08/2005 13:19:22
C:\WINDOWS\system32\hccutils.dll |Intel Corporation |24/08/2005 12:46:06
C:\WINDOWS\system32\igfxsrvc.dll |Intel Corporation |24/08/2005 12:47:10
C:\WINDOWS\system32\igfxpph.dll |Intel Corporation |24/08/2005 12:50:14
C:\WINDOWS\system32\igfxress.dll |Intel Corporation |24/08/2005 12:50:20
C:\WINDOWS\system32\igfxexps.dll |Intel Corporation |24/08/2005 12:51:06
C:\WINDOWS\system32\ialmrem.dll |Intel Corporation |24/08/2005 13:12:06
C:\WINDOWS\system32\iglicd32.dll |Intel Corporation |24/08/2005 13:02:30
C:\WINDOWS\system32\igldev32.dll |Intel Corporation |24/08/2005 13:04:22
C:\WINDOWS\system32\igfxres.dll |Intel Corporation |24/08/2005 12:51:30
C:\WINDOWS\system32\ialmuARA.dll |Intel(r) Corporation |24/08/2005 12:56:32
C:\WINDOWS\system32\ialmuARB.dll |Intel(r) Corporation |24/08/2005 12:56:32
C:\WINDOWS\system32\ialmuCHS.dll |Intel(r) Corporation |24/08/2005 12:56:32
C:\WINDOWS\system32\ialmuCHT.dll |Intel(r) Corporation |24/08/2005 12:56:32
C:\WINDOWS\system32\ialmuCSY.dll |Intel(r) Corporation |24/08/2005 12:56:38
C:\WINDOWS\system32\ialmuDAN.dll |Intel(r) Corporation |24/08/2005 12:56:32
C:\WINDOWS\system32\ialmuDEU.dll |Intel(r) Corporation |24/08/2005 12:56:34
C:\WINDOWS\system32\ialmuELL.dll |Intel(r) Corporation |24/08/2005 12:56:38
C:\WINDOWS\system32\ialmuENG.dll |Intel(r) Corporation |24/08/2005 12:56:34
C:\WINDOWS\system32\ialmuESP.dll |Intel(r) Corporation |24/08/2005 12:56:34
C:\WINDOWS\system32\ialmuFIN.dll |Intel(r) Corporation |24/08/2005 12:56:34
C:\WINDOWS\system32\ialmuFRA.dll |Intel(r) Corporation |24/08/2005 12:56:34
C:\WINDOWS\system32\ialmuFRC.dll |Intel(r) Corporation |24/08/2005 12:56:34
C:\WINDOWS\system32\ialmuHEB.dll |Intel(r) Corporation |24/08/2005 12:56:34
C:\WINDOWS\system32\ialmuHUN.dll |Intel(r) Corporation |24/08/2005 12:56:38
C:\WINDOWS\system32\ialmuITA.dll |Intel(r) Corporation |24/08/2005 12:56:34
C:\WINDOWS\system32\ialmuJPN.dll |Intel(r) Corporation |24/08/2005 12:56:34
C:\WINDOWS\system32\ialmuKOR.dll |Intel(r) Corporation |24/08/2005 12:56:36
C:\WINDOWS\system32\ialmuNLD.dll |Intel(r) Corporation |24/08/2005 12:56:36
C:\WINDOWS\system32\ialmuNOR.dll |Intel(r) Corporation |24/08/2005 12:56:36
C:\WINDOWS\system32\ialmuPLK.dll |Intel(r) Corporation |24/08/2005 12:56:36
C:\WINDOWS\system32\ialmuPTB.dll |Intel(r) Corporation |24/08/2005 12:56:36
C:\WINDOWS\system32\ialmuPTG.dll |Intel(r) Corporation |24/08/2005 12:56:36
C:\WINDOWS\system32\ialmuRUS.dll |Intel(r) Corporation |24/08/2005 12:56:36
C:\WINDOWS\system32\ialmuSVE.dll |Intel(r) Corporation |24/08/2005 12:56:36
C:\WINDOWS\system32\ialmuTHA.dll |Intel(r) Corporation |24/08/2005 12:56:36
C:\WINDOWS\system32\ialmuTRK.dll |Intel(r) Corporation |24/08/2005 12:56:38
C:\WINDOWS\system32\ltfil13n.dll |LEAD Technologies, Inc. |15/11/2006 15:01:15
C:\WINDOWS\system32\ltdis13n.dll |LEAD Technologies, Inc. |15/11/2006 15:01:15
C:\WINDOWS\system32\ltimg13n.dll |LEAD Technologies, Inc. |15/11/2006 15:01:15
C:\WINDOWS\system32\lfbmp13n.dll |LEAD Technologies, Inc. |15/11/2006 15:01:15
C:\WINDOWS\system32\lfcmp13n.dll |LEAD Technologies, Inc. |15/11/2006 15:01:15
C:\WINDOWS\system32\ltefx13n.dll |LEAD Technologies, Inc. |15/11/2006 15:01:15
C:\WINDOWS\system32\lfgif13n.dll |LEAD Technologies, Inc. |15/11/2006 15:01:17
C:\WINDOWS\system32\SynTPAPI.dll |Synaptics, Inc. |04/02/2005 11:02:38
C:\WINDOWS\system32\SynTPFcs.dll |Synaptics, Inc. |04/02/2005 11:12:50
C:\WINDOWS\system32\SynCOM.dll |Synaptics, Inc. |04/02/2005 11:02:02
C:\WINDOWS\system32\SynCtrl.dll |Synaptics, Inc. |04/02/2005 11:02:16
C:\WINDOWS\system32\RtlCPAPI.dll |COMPANY |07/09/2004 14:23:16
C:\WINDOWS\system32\NtiAspi.dll |NewTech Infosystems, Inc. |05/05/2005 10:35:10
C:\WINDOWS\system32\CryptoAPI.dll |HiTRUST |27/05/2006 20:35:25
C:\WINDOWS\system32\HPZc3212.dll |Hewlett-Packard Co. |09/03/2003 22:30:42
C:\WINDOWS\system32\ActiveToolBand.dll |HiTRUST |27/05/2006 20:35:25
C:\WINDOWS\system32\EN_res.dll |COMPANY |27/05/2006 20:35:25
C:\WINDOWS\system32\HPZidr12.dll |HP |26/06/2006 17:25:14
C:\WINDOWS\system32\LogSPWusage.dll |HiTRUST |27/05/2006 20:35:25
C:\WINDOWS\system32\HPZipr12.dll |HP |26/06/2006 17:25:14
C:\WINDOWS\system32\SC_res.dll |COMPANY |27/05/2006 20:35:25
C:\WINDOWS\system32\ShowErrUI.dll |HiTRUST |27/05/2006 20:35:25
C:\WINDOWS\system32\ShowErrMsg.dll |HiTRUST |27/05/2006 20:35:25
C:\WINDOWS\system32\TC_res.dll |COMPANY |27/05/2006 20:35:25
C:\WINDOWS\system32\sysenv.dll |HiTRUST |27/05/2006 20:35:25
C:\WINDOWS\system32\HPZisn12.dll |HP |26/06/2006 17:25:14
C:\WINDOWS\system32\HPZipt12.dll |HP |26/06/2006 17:25:14
C:\WINDOWS\system32\keyManager.dll |HiTRSUT |27/05/2006 20:35:25
C:\WINDOWS\system32\ogg.dll |COMPANY |16/09/2003 17:41:43
C:\WINDOWS\system32\vorbis.dll |COMPANY |16/09/2003 17:52:28
C:\WINDOWS\system32\kpcp32.dll |Eastman Kodak Company |14/04/2000 14:23:56
C:\WINDOWS\system32\ImagX7.dll |Pegasus Imaging Corp. |29/08/2006 23:07:46
C:\WINDOWS\system32\PrintAPI.dll |Eastman Kodak Company |18/07/2001 16:25:46
C:\WINDOWS\system32\ServiceControl.dll |COMPANY |29/12/2003 20:45:08
C:\WINDOWS\system32\LMOggMux.dll |COMPANY |23/02/2006 18:36:20
C:\WINDOWS\system32\ltmm_n.dll |COMPANY |23/02/2006 18:36:20
C:\WINDOWS\system32\kpsys32.dll |Eastman Kodak Company |14/04/2000 14:23:56
C:\WINDOWS\system32\sprof32.dll |Eastman Kodak Company |14/04/2000 14:24:56
C:\WINDOWS\system32\kcm2sp.dll |Eastman Kodak Company |14/04/2000 14:23:52
C:\WINDOWS\system32\pxdrv.dll |Sonic Solutions |22/10/2004 01:01:00
C:\WINDOWS\system32\pxmas.dll |Sonic Solutions |19/10/2004 16:55:44
C:\WINDOWS\system32\pxwave.dll |Sonic Solutions |19/10/2004 16:55:16
C:\WINDOWS\system32\vxblock.dll |Sonic Solutions |17/09/2004 01:00:00
C:\WINDOWS\system32\PTPITCP.dll |FotoNation Inc. |04/08/2006 19:24:20
C:\WINDOWS\system32\KPDPM.dll |Eastman Kodak Company |04/08/2006 19:24:20
C:\WINDOWS\system32\KPDPMUI.dll |Eastman Kodak Company |04/08/2006 19:24:20
C:\WINDOWS\system32\KodakCoI.dll |Eastman Kodak Company |07/10/2003 17:29:16
C:\WINDOWS\system32\libfaac.dll |COMPANY |24/02/2006 10:41:59
C:\WINDOWS\system32\cygwin1.dll |Red Hat |08/05/2006 20:07:07
C:\WINDOWS\system32\cygz.dll |COMPANY |24/05/2006 19:37:27
C:\WINDOWS\system32\KodakOneTouch.dll |COMPANY |08/09/2000 17:53:50
C:\WINDOWS\system32\ImagXpr7.dll |Pegasus Imaging Corp. |29/08/2006 23:07:46
C:\WINDOWS\system32\ImagXR7.dll |Pegasus Imaging Corp. |29/08/2006 23:07:46
C:\WINDOWS\system32\dpu11.dll |DivXNetworks |12/07/2006 00:54:31
C:\WINDOWS\system32\ImagXRA7.dll |Pegasus Imaging Corp. |29/08/2006 23:07:47
C:\WINDOWS\system32\TwnLib4.dll |Pegasus Imaging Corp. |29/08/2006 23:07:47
C:\WINDOWS\system32\LMOggSpl.dll |COMPANY |23/02/2006 18:36:20
C:\WINDOWS\system32\vorbisenc.dll |COMPANY |16/09/2003 17:43:31
C:\WINDOWS\system32\clrviddc.dll |Iterated Systems, Inc. |29/10/2006 13:16:09
C:\WINDOWS\system32\OpenQuicktimeLib.dll |COMPANY |24/02/2006 10:41:59
C:\WINDOWS\system32\APISlice.dll |COMPANY |27/05/2006 20:35:25
C:\WINDOWS\system32\AVSredirect.dll |COMPANY |24/05/2006 19:37:27
C:\WINDOWS\system32\dpus11.dll |DivXNetworks |12/07/2006 00:54:31
C:\WINDOWS\system32\LDecVorbis.dll |COMPANY |03/06/2006 00:15:44
C:\WINDOWS\system32\dpv11.dll |DivXNetworks |12/07/2006 00:54:31
C:\WINDOWS\system32\dpuGUI11.dll |DivXNetworks |12/07/2006 00:54:31
C:\WINDOWS\system32\libdivx.dll |The OpenSSL Project, http://www.openssl.org/ |12/07/2006 01:40:00
C:\WINDOWS\system32\ssldivx.dll |The OpenSSL Project, http://www.openssl.org/ |12/07/2006 01:40:00
C:\WINDOWS\system32\dpl100.dll |DivX, Inc. |11/08/2006 01:03:58
C:\WINDOWS\system32\dtu100.dll |DivX, Inc. |11/08/2006 01:03:57
C:\WINDOWS\system32\dpu10.dll |DivXNetworks |12/07/2006 00:54:31
C:\WINDOWS\system32\dpuGUI10.dll |DivXNetworks |12/07/2006 00:54:34
C:\WINDOWS\system32\DivX.dll |DivX, Inc. |02/10/2006 21:04:39
C:\WINDOWS\system32\divx_xx0c.dll |DivX, Inc. |02/10/2006 21:04:40
C:\WINDOWS\system32\divx_xx07.dll |DivX, Inc. |02/10/2006 21:04:40
C:\WINDOWS\system32\divx_xx11.dll |DivX, Inc. |02/10/2006 21:04:40
C:\WINDOWS\system32\px.dll |Sonic Solutions |19/10/2004 16:56:36
C:\WINDOWS\system32\DivXWMPExtType.dll |COMPANY |12/07/2006 00:33:49
C:\WINDOWS\system32\qt-dx331.dll |COMPANY |02/06/2006 00:10:25
C:\WINDOWS\system32\MSNSpook.dll |HiTRUST |27/05/2006 20:35:25
C:\WINDOWS\system32\Outlook Addin.dll |HiTRUST |27/05/2006 20:35:25
C:\WINDOWS\system32\eDSshellExt.dll |HiTRUST |27/05/2006 20:35:29
C:\WINDOWS\system32\eDStoolbar.dll |HiTRUST |02/11/2006 19:18:03
C:\WINDOWS\system32\MSNChatHook.dll |COMPANY |27/05/2006 20:35:25
C:\WINDOWS\system32\vsutil.dll |Zone Labs Inc. |28/05/2006 10:22:36
C:\WINDOWS\system32\klogon.dll |Kaspersky Lab |24/03/2006 19:08:14
C:\WINDOWS\system32\livesnth.dll |LiveUpdate |08/11/2006 17:38:19
C:\WINDOWS\system32\xvidcore.dll |COMPANY |08/11/2006 17:43:35
C:\WINDOWS\system32\xvidvfw.dll |COMPANY |08/11/2006 17:43:34

Il volume nell'unità C è ACER
Numero di serie del volume: 0C4A-12F2

Directory di C:\WINDOWS\system32

19/08/2004 20.00 6.144 csrss.exe
1 File 6.144 byte
0 Directory 16.113.909.760 byte disponibili

Contenu de Downloaded Program Files
Il volume nell'unità C è ACER
Numero di serie del volume: 0C4A-12F2

Directory di C:\WINDOWS\Downloaded Program Files

08/03/2006 20.32 <DIR> .
08/03/2006 20.32 <DIR> ..
14/09/2004 11.59 65 desktop.ini
26/05/2005 04.19 291 wuweb.inf
03/05/2006 03.57 876 jinstall-1_5_0_07.inf
26/05/2005 04.19 293 muweb.inf
15/09/2006 15.02 1.460 MusicManager.inf
26/09/2006 15.53 63.056 MusicManagerUnInstaller.exe
27/08/2003 12.14 108.107 cselexpt.ocx
27/08/2003 12.19 79.144 crsmarttag.dll
27/08/2003 09.01 532.580 reportparameterdialog.dll
27/08/2003 12.19 58.648 sviewhlp.dll
27/08/2003 12.18 128.296 swebrs.dll
23/05/2006 17.19 361 OGAControl.inf
27/07/2006 13.52 367 LegitCheckControl.inf
22/06/2006 11.41 5.032 swflash.inf
12/10/2006 04.07 898 jinstall-1_5_0_09.inf
20/06/2006 15.44 117.560 PURen-us.dll
07/06/2002 11.41 117.328 purit-it.dll
17 File 1.214.362 byte

Totale file elencati:
17 File 1.214.362 byte
2 Directory 16.113.909.760 byte disponibili

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues




Liste des programmes installes

a-squared Anti-Malware 2.0
Acer eDataSecurity Management
Acer eDataSecurity Management
Acer eDataSecurity Management 1.00.26
Acer eLock Management
Acer eLock Management
Acer Empowering Technology framework
Acer Empowering Technology framework
Acer ePerformance Management
Acer ePerformance Management
Acer ePower Management
Acer ePresentation Management
Acer eSettings Management
Acer eSettings Management
Acer GridVista
Adobe Flash Player 9 ActiveX
Adobe Photoshop 5.5
Adobe Reader 7.0
Aggiornamento della protezione per Windows Media Player (KB911564)
Aggiornamento della protezione per Windows Media Player 10 (KB911565)
Aggiornamento della protezione per Windows Media Player 10 (KB917734)
Aggiornamento della protezione per Windows XP (KB890046)
Aggiornamento della protezione per Windows XP (KB893756)
Aggiornamento della protezione per Windows XP (KB896358)
Aggiornamento della protezione per Windows XP (KB896422)
Aggiornamento della protezione per Windows XP (KB896423)
Aggiornamento della protezione per Windows XP (KB896424)
Aggiornamento della protezione per Windows XP (KB896428)
Aggiornamento della protezione per Windows XP (KB899587)
Aggiornamento della protezione per Windows XP (KB899591)
Aggiornamento della protezione per Windows XP (KB900725)
Aggiornamento della protezione per Windows XP (KB901017)
Aggiornamento della protezione per Windows XP (KB901190)
Aggiornamento della protezione per Windows XP (KB901214)
Aggiornamento della protezione per Windows XP (KB902400)
Aggiornamento della protezione per Windows XP (KB904706)
Aggiornamento della protezione per Windows XP (KB905414)
Aggiornamento della protezione per Windows XP (KB905749)
Aggiornamento della protezione per Windows XP (KB908519)
Aggiornamento della protezione per Windows XP (KB911562)
Aggiornamento della protezione per Windows XP (KB911567)
Aggiornamento della protezione per Windows XP (KB911927)
Aggiornamento della protezione per Windows XP (KB912812)
Aggiornamento della protezione per Windows XP (KB912919)
Aggiornamento della protezione per Windows XP (KB913446)
Aggiornamento della protezione per Windows XP (KB913580)
Aggiornamento della protezione per Windows XP (KB914388)
Aggiornamento della protezione per Windows XP (KB914389)
Aggiornamento della protezione per Windows XP (KB916281)
Aggiornamento della protezione per Windows XP (KB917159)
Aggiornamento della protezione per Windows XP (KB917344)
Aggiornamento della protezione per Windows XP (KB917422)
Aggiornamento della protezione per Windows XP (KB917953)
Aggiornamento della protezione per Windows XP (KB918439)
Aggiornamento della protezione per Windows XP (KB918899)
Aggiornamento della protezione per Windows XP (KB919007)
Aggiornamento della protezione per Windows XP (KB920213)
Aggiornamento della protezione per Windows XP (KB920214)
Aggiornamento della protezione per Windows XP (KB920670)
Aggiornamento della protezione per Windows XP (KB920683)
Aggiornamento della protezione per Windows XP (KB920685)
Aggiornamento della protezione per Windows XP (KB921398)
Aggiornamento della protezione per Windows XP (KB921883)
Aggiornamento della protezione per Windows XP (KB922616)
Aggiornamento della protezione per Windows XP (KB922819)
Aggiornamento della protezione per Windows XP (KB923191)
Aggiornamento della protezione per Windows XP (KB923414)
Aggiornamento della protezione per Windows XP (KB923980)
Aggiornamento della protezione per Windows XP (KB924191)
Aggiornamento della protezione per Windows XP (KB924270)
Aggiornamento della protezione per Windows XP (KB924496)
Aggiornamento della protezione per Windows XP (KB925486)
Aggiornamento per Windows XP (KB894391)
Aggiornamento per Windows XP (KB898461)
Aggiornamento per Windows XP (KB900485)
Aggiornamento per Windows XP (KB904942)
Aggiornamento per Windows XP (KB908531)
Aggiornamento per Windows XP (KB910437)
Aggiornamento per Windows XP (KB911280)
Aggiornamento per Windows XP (KB916595)
Aggiornamento per Windows XP (KB920872)
Aggiornamento per Windows XP (KB922582)
Aggiornamento rapido per Windows XP - KB873339
Aggiornamento rapido per Windows XP - KB885250
Aggiornamento rapido per Windows XP - KB885835
Aggiornamento rapido per Windows XP - KB885836
Aggiornamento rapido per Windows XP - KB885884
Aggiornamento rapido per Windows XP - KB886185
Aggiornamento rapido per Windows XP - KB887472
Aggiornamento rapido per Windows XP - KB887742
Aggiornamento rapido per Windows XP - KB888113
Aggiornamento rapido per Windows XP - KB888302
Aggiornamento rapido per Windows XP - KB890859
Aggiornamento rapido per Windows XP - KB891781
Aggiornamento rapido per Windows XP (KB914440)
AutoUpdate
BUM
CardRd81
CCScore
CR2
DivX Codec
ESSBrwr
ESSCDBK
ESScore
ESSCT
ESSEMAIL
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
ESSTUTOR
essvatgt
essvcpt
ESSvpaht
ESSvpot
Foto e imaging HP 2.0 - All-in-One
Foto e imaging HP 2.0 - All-in-One Drivers
Foto e imaging HP 2.0 - hp psc 1100 series
HijackThis 1.99.1
HLPIndex
HLPPDOCK
HLPSFO
Hotfix for Windows XP (KB915865)
hp psc 1100 series
Intel(R) Graphics Media Accelerator Driver for Mobile
J2SE Runtime Environment 5.0 Update 8
J2SE Runtime Environment 5.0 Update 9
Kaspersky Anti-Virus 6.0
Kaspersky Anti-Virus 6.0
KSU
Launch Manager V1.0.9.3
Macromedia Shockwave Player
Matrix Code Emulator 1.50
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 1.1 Italian Language Pack
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional con FrontPage
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
mobile PhoneTools
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
Nero OEM
Nero Suite
Notifier
NTI Backup NOW! 4
NTI Backup NOW! 4
NTI CD & DVD-Maker
NTI CD & DVD-Maker
OfotoXMI
OTtBP
OTtBPSDK
PowerDVD
Programma di installazione del client Atheros
QuickTime
RealPlayer
Realtek AC'97 Audio
REALTEK Gigabit and Fast Ethernet NIC Driver
Replay Converter 2.20
SFR
SHASTA
SKIN0001
SKINXSDK
SoftV90 Data Fax Modem with SmartCP
Software Kodak EasyShare
Synaptics Pointing Device Driver
VPRINTOL
WebFldrs XP
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Media Player 9 Series TweakMP PowerToy
Windows Support Tools
WIRELESS
Xvid 1.1.2 final uninstall



Il volume nell'unità C è ACER
Numero di serie del volume: 0C4A-12F2

Directory di C:\Programmi

08/03/2006 20.32 <DIR> .
08/03/2006 20.32 <DIR> ..
14/09/2004 11.52 <DIR> File comuni
14/09/2004 11.57 <DIR> Windows NT
14/09/2004 11.57 <DIR> MSN Gaming Zone
14/09/2004 11.57 <DIR> Messenger
14/09/2004 11.57 <DIR> Windows Media Player
14/09/2004 11.58 <DIR> ComPlus Applications
14/09/2004 11.58 <DIR> Internet Explorer
14/09/2004 11.58 <DIR> Outlook Express
14/09/2004 11.58 <DIR> NetMeeting
14/09/2004 11.58 <DIR> Movie Maker
14/09/2004 11.59 <DIR> Servizi in linea
14/09/2004 12.00 <DIR> microsoft frontpage
30/06/2005 17.12 <DIR> Intel
30/06/2005 17.22 <DIR> NewTech Infosystems
30/06/2005 17.25 <DIR> Acer Inc
06/12/2005 11.55 <DIR> Synaptics
06/12/2005 11.58 <DIR> Adobe
27/05/2006 20.31 <DIR> CyberLink
27/05/2006 20.32 <DIR> Launch Manager
28/05/2006 10.18 <DIR> Zone Labs
04/06/2006 11.58 <DIR> Microsoft Office
04/06/2006 13.36 <DIR> mobile PhoneTools
26/06/2006 17.21 <DIR> Hewlett-Packard
09/07/2006 19.24 <DIR> Java
04/08/2006 19.22 <DIR> Kodak
29/08/2006 23.07 <DIR> Ahead
10/09/2006 18.24 <DIR> PCPitstop
17/09/2006 16.05 <DIR> Real
15/10/2006 16.49 <DIR> QuickTime
25/10/2006 14.27 <DIR> DivX
01/11/2006 21.27 <DIR> RegCleaner
02/11/2006 19.41 <DIR> Atheros
03/11/2006 20.21 <DIR> a-squared Anti-Malware
04/11/2006 15.47 <DIR> CCleaner
05/11/2006 10.34 <DIR> Support Tools
05/11/2006 13.53 <DIR> xerox
05/11/2006 14.07 <DIR> Kaspersky Lab
08/11/2006 13.05 <DIR> MSXML 4.0
08/11/2006 17.43 <DIR> Xvid
13/11/2006 18.25 <DIR> CONEXANT
17/11/2006 10.54 <DIR> Windows Defender
0 File 0 byte
43 Directory 16.109.305.856 byte disponibili
Il volume nell'unità C è ACER
Numero di serie del volume: 0C4A-12F2

Directory di C:\

01/11/2006 21.25 553.687 RegCleaner.exe
1 File 553.687 byte
0 Directory 16.109.813.760 byte disponibili
c:\Documents and Settings\Default User\Impostazioni locali\Temp\UIUCU.EXE
c:\Documents and Settings\Default User\Impostazioni locali\Temp\UIUCU2.EXE
c:\Documents and Settings\All Users\Dati applicazioni\Kodak\EasyShareSetup\$SETUP_140007_3d02b6\Setup.exe
c:\Documents and Settings\All Users\Dati applicazioni\Kodak\EasyShareSetup\CCS\CCSStop.exe
c:\Documents and Settings\All Users\Dati applicazioni\Kodak\EasyShareSetup\Ksu\ksustop.exe
c:\Documents and Settings\All Users\Dati applicazioni\Kodak\EasyShareSetup\KDEVICES\CR2\cr_stop.exe
c:\Documents and Settings\pina\Documenti\80211bg\80211bg\Foxconn\setup.exe
c:\Documents and Settings\pina\Documenti\80211bg\80211bg\Broadcom\AegisI2.exe
c:\Documents and Settings\pina\Documenti\80211bg\80211bg\Broadcom\AegisI5.exe
c:\Documents and Settings\pina\Documenti\80211bg\80211bg\Broadcom\bcmwld2k.exe
c:\Documents and Settings\pina\Documenti\80211bg\80211bg\Broadcom\BCMWLD9X.EXE
c:\Documents and Settings\pina\Documenti\80211bg\80211bg\Broadcom\bcmwlhom.exe
c:\Documents and Settings\pina\Documenti\80211bg\80211bg\Broadcom\bcmwltry.exe
c:\Documents and Settings\pina\Documenti\80211bg\80211bg\Broadcom\bcmwlu00.exe
c:\Documents and Settings\pina\Documenti\acergrid\AcerGrid\Setup.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\alcchkid.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\alcrmv.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\alcrmv64.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\alcrmv9x.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\alcupd.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\AlcUpd64.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\ALCXDEV.EXE
c:\Documents and Settings\pina\Documenti\audio\Audio\ChCfg.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\GETDXVER.EXE
c:\Documents and Settings\pina\Documenti\audio\Audio\SetCDfmt.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\Setup.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\WDM\CPLUtil64.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\WDM\RTLCPL.EXE
c:\Documents and Settings\pina\Documenti\audio\Audio\WDM\SoundMan.exe
c:\Documents and Settings\pina\Documenti\audio\Audio\WinNT4\SoundMan.exe
c:\Documents and Settings\pina\Documenti\chipset\CHIPSET\infinst_autol.exe
c:\Documents and Settings\pina\Documenti\edatas\eDataS\setup.exe
c:\Documents and Settings\pina\Documenti\elock\eLock\setup.exe
c:\Documents and Settings\pina\Documenti\empf\emPF\setup.exe
c:\Documents and Settings\pina\Documenti\eperfrm\ePerfrm\setup.exe
c:\Documents and Settings\pina\Documenti\epowermg\ePowerMg\Setups.exe
c:\Documents and Settings\pina\Documenti\eprest\ePrest\ePrjConsole.exe
c:\Documents and Settings\pina\Documenti\eprest\ePrest\ePrjNormal.exe
c:\Documents and Settings\pina\Documenti\eprest\ePrest\ePrjXGA.exe
c:\Documents and Settings\pina\Documenti\eprest\ePrest\Setup.exe
c:\Documents and Settings\pina\Documenti\eprest\ePrest\64-bit\ePrjNormal.exe
c:\Documents and Settings\pina\Documenti\eprest\ePrest\64-bit\ePrjXGA.exe
c:\Documents and Settings\pina\Documenti\esetting\eSetting\setup.exe
c:\Documents and Settings\pina\Documenti\lan\LAN\Setup.exe
c:\Documents and Settings\pina\Documenti\launmgr\LaunMgr\IsWow64.exe
c:\Documents and Settings\pina\Documenti\launmgr\LaunMgr\Setup.exe
c:\Documents and Settings\pina\Documenti\modem\modem\HXFSetup.exe
c:\Documents and Settings\pina\Documenti\touchpad\Touchpad\InstNT.exe
c:\Documents and Settings\pina\Documenti\touchpad\Touchpad\Setup.exe
c:\Documents and Settings\pina\Documenti\touchpad\Touchpad\SynMood.exe
c:\Documents and Settings\pina\Documenti\touchpad\Touchpad\SynTPEnh.exe
c:\Documents and Settings\pina\Documenti\touchpad\Touchpad\SynTPLpr.exe
c:\Documents and Settings\pina\Documenti\touchpad\Touchpad\SynZMetr.exe
c:\Documents and Settings\pina\Documenti\touchpad\Touchpad\Tutorial.exe
c:\Documents and Settings\pina\Documenti\vga\VGA\Setup.exe
c:\Documents and Settings\pina\Documenti\vga\VGA\Win2000\hkcmd.exe
c:\Documents and Settings\pina\Documenti\vga\VGA\Win2000\ialmudlg.exe
c:\Documents and Settings\pina\Documenti\vga\VGA\Win2000\igfxcfg.exe
c:\Documents and Settings\pina\Documenti\vga\VGA\Win2000\igfxext.exe
c:\Documents and Settings\pina\Documenti\vga\VGA\Win2000\igfxpers.exe
c:\Documents and Settings\pina\Documenti\vga\VGA\Win2000\igfxsrvc.exe
c:\Documents and Settings\pina\Documenti\vga\VGA\Win2000\igfxtray.exe
c:\Documents and Settings\pina\Documenti\vga\VGA\Win2000\igfxzoom.exe
c:\Documents and Settings\pina\Desktop\blbeta.exe
c:\Documents and Settings\pina\Desktop\mourad\a2AntiMalwareSetup.exe
c:\Documents and Settings\pina\Desktop\mourad\ccsetup134.exe
c:\Documents and Settings\pina\Desktop\DiagHelp\diaghelp\blbetac.exe
c:\Documents and Settings\pina\Desktop\DiagHelp\diaghelp\FilesInfoCmd.exe
c:\Documents and Settings\pina\Desktop\DiagHelp\diaghelp\Fport.exe
c:\Documents and Settings\pina\Desktop\DiagHelp\diaghelp\grep.exe
c:\Documents and Settings\pina\Desktop\DiagHelp\diaghelp\LFiles.exe
c:\Documents and Settings\pina\Desktop\DiagHelp\diaghelp\LISTDLLS.exe
c:\Documents and Settings\pina\Desktop\DiagHelp\diaghelp\pslist.exe
c:\Documents and Settings\pina\Desktop\DiagHelp\diaghelp\streams.exe
c:\Documents and Settings\pina\Desktop\DiagHelp\diaghelp\swreg.exe
c:\Documents and Settings\Administrator\Impostazioni locali\Temp\UIUCU.EXE
c:\Documents and Settings\Administrator\Impostazioni locali\Temp\UIUCU2.EXE

Hello
désolée de m'imiscer, mais j'ai le même pb et je voudrais savoir si je peux appliquer
exactement la même procédure ou si en fonction de ce que donne le rapport "Hijackthis"
le reméde est différent
Je suis inquiéte de me lancer toute seule car cela a l'air assez compliqué d'après ce que j'ai pu lire

merci de votre aide
Lassé par la pub ? Créez un compte

Créer un nouveau sujet

Tom's guide dans le monde