Hijackthis report submission

titou56 · May 2, 2010

Hi friends :wink:

Could you have a look, please ? Here is the Hijackthis report ...

Thank you

hijackthis.log.txt

enoskype · May 2, 2010

Hi titou56,

Apart from (no file) lines:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)

O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - (no file) (HKCU)

to be deleted, nothing seems to be wrong, but, 75 instances of svchost.exe are too many.

Do you have noticable problems?

Perhaps, if you follow the procedure for your thread in Spyware-Malware Removal Help! section, I would advice a Malware Fighter to look at the logs.

Cheers.

titou56 · May 2, 2010

hum...

Hi Enoskype :wink:

Yes, this is why I post my report... the automatic analysis is full of red crosses... !?

I am not having problems, I was just trying the new version of Hijackthis ! surprised by the result, I want a external sight...

Well, to be sure, I'll go back to Spyware-Malware Removal Help! section with the 3 reports...

titou56 · May 3, 2010

to be analized

Hi friends

here we are :

IObit Security 360

OS:Windows Vista

Version:1.4.1.11

Préciser la Version:1419

Temps écoulé:00:28:40

Objets Scannés:68210

Menaces Trouvées:2

|Nom|Type|Description|ID|

Tracking Cookies, Cookies, Cookie:t2 nomad@www.incredimail.com/, 7-1892

Tracking Cookies, Cookies, Cookie:t2 nomad@mystart.incredimail.com/, 7-1892

--------------------------------------------------------

DDS (Ver_10-03-17.01) - NTFSx86

Run by t2 nomad at 15:03:38.77 on 02/05/2010

Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_20

Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2046.1152 [GMT 2:00]

SP: Avira AntiVir PersonalEdition *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\a-squared Anti-Malware\a2service.exe

C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Windows\system32\FsUsbExService.Exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\Program Files\Macrium\Reflect\ReflectService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

C:\Program Files\Dell\QuickSet\NicConfigSvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\a-squared Anti-Malware\a2guard.exe

C:\Program Files\Avira\AntiVir Desktop\avmailc.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE

C:\Program Files\IncrediMail\bin\IncMail.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Program Files\Rainlendar2\Rainlendar2.exe

C:\Program Files\Clavier+\Clavier.exe

C:\Program Files\AeroSnap\AeroSnap.exe

C:\Program Files\Spamihilator\spamihilator.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\IncrediMail\Bin\ImApp.exe

C:\Windows\system32\conime.exe

C:\Users\t2 nomad\Desktop\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://mystart.incredimail.com/

uWindow Title = Windows Internet Explorer

mStart Page =

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [incrediMail] c:\program files\incredimail\bin\IncMail.exe /c

uRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"

uRun: [Rainlendar2] c:\program files\rainlendar2\Rainlendar2.exe

uRun: [Clavier+] c:\program files\clavier+\Clavier.exe

uRun: [AeroSnap] c:\program files\aerosnap\AeroSnap.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [a-squared] "c:\program files\a-squared anti-malware\a2guard.exe" /d=60

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

StartupFolder: c:\users\t2noma~1\appdata\roaming\micros~1\windows \startm~1\programs\startup\spamihilator.lnk - c:\program files\spamihilator\spamihilator.exe

uPolicies-explorer: HonorAutoRunSetting = 0 (0x0)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-explorer: HonorAutoRunSetting = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Add animation to IncrediMail Style Box - c:\program files\incredimail\bin\resources\WebMenuImg.htm

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

LSP: c:\program files\avira\antivir desktop\avsda.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

LSA: Authentication Packages = msv1_0 relog_ap

Hosts: 127.0.0.1 http://www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\users\t2noma~1\appdata\roaming\mozilla\firefox\ profiles\6o4gbyrt.default\

FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official

FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_fs_IM2_TEST&search=

FF - component: c:\users\t2 nomad\appdata\roaming\mozilla\firefox\profiles\6o4 gbyrt.default\extensions\keyscrambler@qfx.software .corporation\components\KeyScramblerIE.dll

FF - component: c:\users\t2 nomad\appdata\roaming\mozilla\firefox\profiles\6o4 gbyrt.default\extensions\piclens@cooliris.com\comp onents\coolirisstub.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.d ll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\program files\openoffice.org 3\program\npsoplugin.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\t2 nomad\appdata\roaming\mozilla\firefox\profiles\6o4 gbyrt.default\extensions\piclens@cooliris.com\plug ins\npcoolirisplugin.dll

FF - plugin: c:\users\t2 nomad\appdata\roaming\mozilla\plugins\npcoolirispl ugin.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 0

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabl ed", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_every where__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_bro ken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [2010-3-17 15328]

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-4-30 11608]

R2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared anti-malware\a2service.exe [2009-11-11 1872320]

R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\avira\antivir desktop\avmailc.exe [2009-4-30 194817]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2009-4-30 108289]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-4-30 185089]

R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\avira\antivir desktop\avwebgrd.exe [2009-4-30 434945]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgn tflt.sys [2009-4-30 56816]

R2 FsUsbExService;FsUsbExService;c:\windows\system32\ FsUsbExService.Exe [2010-2-7 233472]

R2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\macrium\reflect\ReflectService.exe [2010-3-17 220128]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-11-13 92008]

R3 b57nd60x;%SvcDispName%;c:\windows\system32\drivers \b57nd60x.sys [2008-3-22 179712]

R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbE xDisk.Sys [2010-2-7 36608]

R3 KeyScrambler;KeyScrambler;c:\windows\system32\driv ers\keyscrambler.sys [2010-1-30 115312]

S2 gupdate1ca6bd77832db60;Service Google Update (gupdate1ca6bd77832db60);c:\program files\google\update\GoogleUpdate.exe [2009-11-23 133104]

S2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2009-11-15 311568]

S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-3-22 21504]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-4-19 13224]

S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-4-19 90536]

S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-4-19 15016]

S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-4-19 122152]

S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-4-19 115496]

S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2009-4-19 25768]

S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sy s [2009-4-19 111912]

S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-4-19 117672]

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-2-7 90112]

S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-2-7 14976]

S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-2-7 121856]

=============== Created Last 30 ================

2010-04-26 18:52:51 0 d-----w- c:\program files\Emoticon

2010-04-26 14:59:12 0 d-----w- c:\users\t2 nomad\AdSigner

2010-04-26 14:29:58 0 d-----w- c:\program files\Trend Micro

2010-04-19 13:34:35 55315 ----a-w- C:\capture.jpg

2010-04-16 10:59:01 0 d-----w- c:\programdata\Apple

2010-04-15 13:53:12 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-04-14 10:58:26 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2010-04-14 10:58:25 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2010-04-14 10:58:25 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2010-04-14 10:58:22 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-04-14 10:58:22 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe

2010-04-14 10:58:17 430080 ----a-w- c:\windows\system32\vbscript.dll

2010-04-14 10:58:02 62464 ----a-w- c:\windows\system32\l3codeca.acm

2010-04-14 10:58:02 220672 ----a-w- c:\windows\system32\l3codecp.acm

2010-04-14 10:58:01 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys

2010-04-14 10:58:01 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys

2010-04-14 10:58:01 200704 ----a-w- c:\windows\system32\iphlpsvc.dll

2010-04-14 10:56:39 98304 ----a-w- c:\windows\system32\cabview.dll

2010-04-14 10:55:33 172032 ----a-w- c:\windows\system32\wintrust.dll

==================== Find3M ====================

2010-05-01 06:15:21 741588 ----a-w- c:\windows\system32\perfh00C.dat

2010-05-01 06:15:20 147404 ----a-w- c:\windows\system32\perfc00C.dat

2010-04-01 07:19:33 3353 ----a-w- C:\Français.zip

2010-03-17 09:51:48 15328 ----a-w- c:\windows\system32\drivers\pssnap.sys

2010-03-17 09:51:39 44512 ----a-w- c:\windows\system32\drivers\psmounter.sys

2010-02-24 08:16:06 181632 ------w- c:\windows\system32\MpSigStub.exe

2010-02-20 23:06:41 24064 ----a-w- c:\windows\system32\nshhttp.dll

2010-02-20 23:05:14 30720 ----a-w- c:\windows\system32\httpapi.dll

2010-02-13 05:23:12 41336 ----a-w- c:\users\t2noma~1\appdata\roaming\nvModes.dat

2010-02-08 06:53:14 86016 ----a-w- c:\windows\inf\infpub.dat

2010-02-08 06:53:14 143360 ----a-w- c:\windows\inf\infstrng.dat

2010-02-08 06:53:14 143360 ----a-w- c:\windows\inf\infstor.dat

2009-11-12 21:14:34 665600 ----a-w- c:\windows\inf\drvindex.dat

2008-03-22 11:28:23 174 --sha-w- c:\program files\desktop.ini

2006-11-02 15:45:47 37390 ----a-w- c:\windows\inf\perflib\040c\perfd.dat

2006-11-02 15:45:47 37390 ----a-w- c:\windows\inf\perflib\040c\perfc.dat

2006-11-02 15:45:47 340236 ----a-w- c:\windows\inf\perflib\040c\perfi.dat

2006-11-02 15:45:47 340236 ----a-w- c:\windows\inf\perflib\040c\perfh.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2008-05-21 16:42:10 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\l ocal\microsoft\windows\history\history.ie5\mshist0 12008052120080522\index.dat

2008-06-05 23:02:28 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\l ocal\microsoft\windows\history\history.ie5\mshist0 12008060620080607\index.dat

2008-06-09 01:53:18 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\l ocal\microsoft\windows\history\history.ie5\mshist0 12008060920080610\index.dat

2009-05-12 15:56:01 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\l ocal\microsoft\windows\history\history.ie5\mshist0 12009051220090513\index.dat

2009-10-03 11:11:03 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\l ocal\microsoft\windows\history\history.ie5\mshist0 12009100320091004\index.dat

2009-11-29 17:37:38 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\l ocal\microsoft\windows\history\history.ie5\mshist0 12009112920091130\index.dat

2009-11-30 06:49:23 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\l ocal\microsoft\windows\history\history.ie5\mshist0 12009113020091201\index.dat

2009-12-19 07:11:46 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\l ocal\microsoft\windows\history\history.ie5\mshist0 12009121920091220\index.dat

2009-05-20 21:44:47 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\r oaming\microsoft\windows\ietldcache\index.dat

2007-06-10 18:36:51 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 15:04:42.70 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vista™ Édition Familiale Premium

Boot Device: \Device\HarddiskVolume3

Install Date: 10/06/2007 12:45:45

System Uptime: 05/02/2010 14:23:12 (2065 hours ago)

Motherboard: Dell Inc. | | 0CF456

Processor: Intel® Core2 CPU T7200 @ 2.00GHz | Microprocessor | 2000/166mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 100 GiB total, 46.562 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 3.69 GiB free.

E: is CDROM ()

F: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4d36e96d-e325-11ce-bfc1-08002be10318}

Description: Conexant HDA D110 MDC V.92 Modem

Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_14F100C3& REV_0900\4&B1E9B9E&0&0102

Manufacturer: Conexant

Name: Conexant HDA D110 MDC V.92 Modem

PNP Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_14F100C3& REV_0900\4&B1E9B9E&0&0102

Service: Modem

==== System Restore Points ===================

==== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1)

7-Zip 4.65

a-squared Anti-Malware 4.5

Acronis*True*Image*Home

Adobe Flash Player 10 Plugin

Adobe Flash Player 9 ActiveX

Adobe Flash Player ActiveX

Advanced SystemCare 3

Advertising Center

AeroSnap 0.61

Apple Application Support

Audacity 1.2.6

AutoUpdate

Avira AntiVir Premium

Broadcom Management Programs

CamStudio 2.0 Fr

Canon MP180

CCleaner

CDBurnerXP

Clavier+ 10.6.1

ConvertHelper 2.2

DAEMON Tools Toolbar

Digital Line Detect

DivX Codec

Fast DVD Ripper 1.1

Foxit Reader

Gadwin PrintScreen

Galerie de photos Windows Live

GigaTribe 3.01.001

Google Update Helper

Google*Earth

HiJackThis

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Iconoid Version 3.8.5

IncrediMail

IncrediMail 2.0

Installation Windows Live

IObit Security 360

Java Auto Updater

Java 6 Update 20

KeyScrambler

Macrium Reflect - Free Edition

Messenger Plus! Live

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 French Language Pack

Microsoft .NET Framework 1.1 Security Update (KB953297)

Microsoft .NET Framework 3.5 Language Pack SP1 - fra

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft LifeCam

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (French) 2007

Microsoft Office Excel MUI (French) 2007

Microsoft Office InfoPath MUI (French) 2007

Microsoft Office Outlook MUI (French) 2007

Microsoft Office PowerPoint MUI (French) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proofing (French) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (French) 2007

Microsoft Office Shared MUI (French) 2007

Microsoft Office Word MUI (French) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Module linguistique Microsoft .NET Framework 3.5 SP1- fra

MozBackup 1.4.10

Mozilla Firefox (3.6.3)

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 9 Lite

Nero ControlCenter

Nero Installer

Nero Online Upgrade

Nero StartSmart

neroxml

Neuf - Kit de connexion

NVIDIA Drivers

OGA Notifier 2.0.0048.0

OpenOffice.org 3.2

Package de pilotes Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)

Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)

PC Connectivity Solution

PhotoFiltre

PhotoMail Maker

QuickSet

QuickTime Alternative 3.1.1

Rainlendar2 (remove only)

Real Alternative 2.0.2 Lite

Recuva

Revo Uninstaller 1.87

RocketDock 1.3.5

SAMSUNG Mobile Composite Device Software

Samsung Mobile Modem Device Software

SAMSUNG Mobile Modem Driver Set

SAMSUNG Mobile Modem V2 Software

Samsung Mobile phone USB driver Software

SAMSUNG Mobile USB Download Driver Software

SAMSUNG Mobile USB Modem 1.0 Software

SAMSUNG Mobile USB Modem Software

Samsung New PC Studio

Samsung New PC Studio USB Driver Installer

Samsung PC Studio

SAMSUNG SYMBIAN USB Download Driver

SAMSUNG USB Mobile Device Software

SamsungConnectivityCableDriver

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB969679)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft Office Excel 2007 (KB969682)

Security Update for Microsoft Office PowerPoint 2007 (KB957789)

Security Update for Microsoft Office Publisher 2007 (KB969693)

Security Update for Microsoft Office system 2007 (KB969613)

Security Update for Microsoft Office Word 2007 (KB969604)

SigmaTel Audio

Smart Defrag

Sonic Activation Module

Spamihilator

Spamihilator 0.9.9.53 (32 bit)

Synaptics Pointing Device Driver

SyncBack

TomTom HOME 2.7.3.1894

TomTom HOME Visual Studio Merge Modules

Tomtomax Maxi-Box V2.0.20

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Outlook 2007 Junk Email Filter (kb972691)

USB Storage Driver

VDownloader 1.12

Virtools 3D Life Player

VirusTotal Uploader 2.0

Visual C++ CRT 8.0

Visual C++ CRT 9.0

Visual C++ CRT 9.0 SP1

VLC media player 1.0.5

Winamp

Winamp Remote

Windows Live Call

Windows Live Communications Platform

Windows Live FolderShare

Windows Live Messenger

Windows Media Player Firefox Plugin

XPS LightFX SDK

==== End Of File ===========================

titou56 · May 4, 2010

Hi friends :wink:

UP

garybear · May 4, 2010

Hi friend!!

Hi friends :wink:

UP

Hi titou!!

titou56 · May 5, 2010

Hi friends :wink:

http://smylies.philoo12.net/Extra-gros/emot9.gif

Is there a Malware Fighter in the plane ?

Sign In

Hijackthis report submission

Recommended Posts

titou56

Link to comment

Share on other sites

enoskype

Link to comment

Share on other sites

titou56

Link to comment

Share on other sites

titou56

Link to comment

Share on other sites

titou56

Link to comment

Share on other sites

garybear

Link to comment

Share on other sites

titou56

Link to comment

Share on other sites

Archived

Browse

Activity