Posez votre question Signaler

[Virus] cmdservice

Fred56 - Dernière réponse le 19 nov. 2006 à 12:27
Bonjour,
je suis infecté par cmd service
après une passe avec avg anti spyware, voici le log de HJT en mode sans echec
Merci pour le coup de main
Logfile of HijackThis v1.99.1
Scan saved at 11:39:52, on 09/11/06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\fpodevin\Mes documents\Perso\Download\AntiSpam\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://SECSERVER:80/array.dll?Get.Routing.Script
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://SECSERVER:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {23A973E4-3321-453C-A2B6-943D2AA1853C} - C:\Program Files\Messenger\nixykeb.dll (file missing)
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Program Files\Deskbar\deskbar.dll (file missing)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [removecpl] RemoveCpl.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_e52.exe
O4 - HKLM\..\Run: [defender] C:\\dfndrff_e52.exe
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKLM\..\Run: [windows] C:\\windows_e52.exe
O4 - HKLM\..\Run: [newname] c:\\nwnmff_e52.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger le site avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: KOAD Recherche - {669695BC-A811-4A9D-8CDF-BA8C795F261A} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: stibo - {FFAD3420-6D61-44F6-BA25-293F17152D79} - C:\Program Files\Fichiers communs\Stibo\RS_ProtocolHandler.dll
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: ShellCompatibility - C:\WINDOWS\system32\EqifView.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\VXRpbGlzYXRldXIgTUlDUkVM\command.exe (file missing)
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: McShield - Network Associates, Inc. - C:\Program Files\Fichiers communs\Network Associates\McShield\Mcshield.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\drivers\w32x86\3\HPZipm12.exe
O23 - Service: SentinelProtectionServer - SafeNet, Inc - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
Lire la suite 

[Virus] cmdservice »

13 réponses
Réponse
+0
moins plus
Chercheurbis 261Messages postés 13 août 2005Date d'inscription 9 nov. 2006 à 11:57
Bonjour

Il n'y a pas que ça.

1. Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/combofix.exe

2. Double clique combofix.exe et suis les invites.

3. Lorsque le scan sera complété, un rapport apparaîtra.
Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis.

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
Fred56 9 nov. 2006 à 12:00
Merci,

il faut le lancer comme HJT en mose sans echec ?

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
Chercheurbis 261Messages postés 13 août 2005Date d'inscription 9 nov. 2006 à 12:12
Non, en mode normal.
Et poste aussi le rapport HijackThis en mode normal.

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
Fred56 9 nov. 2006 à 14:06
Voila ce que tu m'as demandé:

fpodevin - 06-11-09 13:45:08,82 Service Pack 2
ComboFix 06.11.9 - Running from: "C:\Documents and Settings\fpodevin\Bureau"

((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))

REGISTRY ENTRIES REMOVED:

[HKEY_CLASSES_ROOT\clsid\{D91B90F1-3785-41CD-BD37-307ED027B17D}]
@=""
"IDEx"="ADDR"

[HKEY_CLASSES_ROOT\clsid\{D91B90F1-3785-41CD-BD37-307ED027B17D}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{D91B90F1-3785-41CD-BD37-307ED027B17D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{D91B90F1-3785-41CD-BD37-307ED027B17D}\InprocServer32]
@="C:\\WINDOWS\\system32\\EqifView.dll"
"ThreadingModel"="Apartment"

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Granting sedebugprivilege to Administrateurs ... successful


((((((((((((((((((((((((((((((((((((((((((( E-Give / Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\dxclib303562752.dll
C:\Documents and Settings\fpodevin\Application Data\Dxccwrd.dll
C:\Documents and Settings\fpodevin\Application Data\Dxcknwrd.dll
C:\Documents and Settings\fpodevin\Application Data\Dxcuknwrd.dll
C:\WINDOWS\system32\bkd.exe
C:\Program Files\DeluxeCommunications\DxcBho.dll
C:\Program Files\DeluxeCommunications\DxcCore.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\dfndrff_e17.exe
C:\dfndrff_e23.exe
C:\dfndrff_e25.exe
C:\dfndrff_e26.exe
C:\dfndrff_e30.exe
C:\dfndrff_e31.exe
C:\dfndrff_e49.exe
C:\dfndrff_e50.exe
C:\dfndrff_e51.exe
C:\deskbar_e14.exe
C:\deskbar_e17.exe
C:\deskbar_e20.exe
C:\deskbar_e25.exe
C:\deskbar_e26.exe
C:\deskbar_e29.exe
C:\deskbar_e31.exe
C:\deskbar_e49.exe
C:\deskbar_e50.exe
C:\deskbar_e51.exe
C:\deskbar_e52.exe
C:\kybrdff_e23.exe
C:\kybrdff_e31.exe
C:\kybrdff_e49.exe
C:\kybrdff_e50.exe
C:\kybrdff_e51.exe
C:\kybrdff_e52.exe
C:\MTE3NDI6ODoxNgnew.exe
C:\nwnmff_e51.exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\0JYZIJFC\dfndrff_e[1].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\9VW7Y5K0\dfndrff_e[1].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\9VW7Y5K0\dfndrff_e[2].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\9VW7Y5K0\dfndrff_e_uit[1].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\IWXH715T\dfndrff_e_uit[2].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\9VW7Y5K0\deskbar_e[2].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\CHEFKHMJ\deskbar_e[1].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\CHEFKHMJ\kybrdff_e[1].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\CHEFKHMJ\kybrdff_e[2].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\9VW7Y5K0\MTE3NDI6ODoxNg[1].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\0JYZIJFC\nwnmff_e[1].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\9VW7Y5K0\nwnmff_e[1].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\CHEFKHMJ\nwnmff_e[1].exe
C:\Documents and Settings\fpodevin\Local Settings\Temporary Internet Files\Content.IE5\CHEFKHMJ\nwnmff_e[2].exe
C:\ac3_0010.exe
C:\RDFX4.exe
C:\secure32.html
C:\WINDOWS\uninstall_nmon.vbs
C:\Program Files\network monitor
C:\WINDOWS\VXRpbGlzYXRldXIgTUlDUkVM


((((((((((((((((((((((((((((((( Files Created from 2006-10-09 to 2006-11-09 ))))))))))))))))))))))))))))))))))


2006-11-09 09:21 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-09 00:00 430,080 --a------ C:\windows_e52.exe
2006-11-08 08:31 442,368 --a------ C:\windows_e51.exe
2006-10-18 23:00 310,482 --a------ C:\Colo2.exe.vir
2006-10-17 10:22 20,000 --------- C:\WINDOWS\system32\drivers\cmapusb.sys
2006-10-17 10:22 18,013 --------- C:\WINDOWS\system32\drivers\cmap_pc2.sys
2006-10-17 10:22 16,088 --------- C:\WINDOWS\system32\drivers\cmapldr.sys
2006-10-12 10:59 98,370 --a------ C:\WINDOWS\system32\CmengDriver.dll
2006-10-11 08:53 52,736 --a------ C:\WINDOWS\system32\drivers\Ssipddp.sys
2006-10-11 08:53 47,616 --a------ C:\WINDOWS\system32\drivers\Ssipddpm.sys
2006-10-09 14:30 23,040 --a------ C:\WINDOWS\system32\drivers\aksusb.sys
2006-10-09 14:29 634,880 --a------ C:\WINDOWS\system32\Gsprop32.dll
2006-10-09 14:29 423,016 --a------ C:\WINDOWS\system32\Gsw32.exe
2006-10-09 14:29 246,848 --a------ C:\WINDOWS\system32\RICHED.DLL
2006-10-09 14:29 242,816 --a------ C:\WINDOWS\system32\Gswag32.dll
2006-10-09 14:29 180,224 --a------ C:\WINDOWS\system32\GLUT32.DLL
2006-10-09 14:29 152,688 --a------ C:\WINDOWS\system32\Gswdll32.dll
2006-10-09 07:36 20,000 --------- C:\WINDOWS\system32\drivers\cmapfp.sys
2006-10-09 07:36 18,392 --------- C:\WINDOWS\system32\drivers\cmapldfp.sys


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-09 13:54 -------- d-------- C:\Documents and Settings\fpodevin\Application Data\Free Download Manager
2006-11-09 13:45 -------- d-------- C:\Documents and Settings\fpodevin\Application Data\Skype
2006-11-09 13:43 -------- d-------- C:\Documents and Settings\fpodevin\Application Data\SolidDocuments
2006-11-09 11:45 -------- d-------- C:\Program Files\eMule
2006-11-09 09:30 -------- d-------- C:\Program Files\Mozilla Thunderbird
2006-11-09 09:21 -------- d-------- C:\Program Files\Grisoft
2006-11-07 07:54 -------- d-------- C:\Program Files\Messenger
2006-10-17 10:20 -------- d-------- C:\Program Files\Navimail
2006-10-17 07:23 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-16 09:31 -------- d-------- C:\Program Files\WinHTTrack
2006-10-12 10:38 -------- d-------- C:\Program Files\C-Map
2006-10-11 08:53 -------- d-------- C:\Program Files\Transas
2006-10-11 08:53 -------- d-------- C:\Program Files\Fichiers communs\Transas Shared
2006-10-11 08:53 -------- d-------- C:\Program Files\Fichiers communs
2006-10-11 08:24 -------- d-------- C:\Program Files\Fichiers communs\Fugawi
2006-10-11 08:24 -------- d-------- C:\Program Files\Earth Resource Mapping
2006-10-09 07:36 -------- d-------- C:\Program Files\SafeNet Sentinel
2006-10-09 07:36 -------- d-------- C:\Program Files\Fichiers communs\SafeNet Sentinel
2006-10-09 07:30 -------- d-------- C:\Program Files\MaxSea International
2006-10-06 13:34 -------- d-------- C:\Program Files\SentEmul
2006-10-05 16:43 -------- d-------- C:\Program Files\Fichiers communs\Services
2006-10-05 15:23 -------- d-------- C:\Program Files\Fugawi
2006-10-05 09:36 -------- d-------- C:\Program Files\SeaClear
2006-10-02 15:54 -------- d-------- C:\Program Files\GT Interactive
2006-09-29 14:00 -------- d-------- C:\Documents and Settings\fpodevin\Application Data\Adobe
2006-09-27 07:45 -------- d-------- C:\Program Files\Adobe
2006-09-26 10:18 -------- d-------- C:\Program Files\GXTranscoder v2
2006-09-26 10:17 -------- d-------- C:\Program Files\ReNamer
2006-09-25 11:15 -------- d-------- C:\Program Files\Fichiers communs\Adobe
2006-09-25 11:13 -------- d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
2006-09-25 11:06 -------- d-------- C:\Program Files\CDBurnerXP Pro 3
2006-09-22 16:01 -------- d-------- C:\Documents and Settings\fpodevin\Application Data\Opera
2006-09-22 13:03 -------- d-------- C:\Program Files\Smart Projects
2006-09-21 08:27 -------- d-------- C:\Program Files\XviD
2006-09-21 08:27 -------- d-------- C:\Program Files\x264
2006-09-21 08:27 -------- d-------- C:\Program Files\Windows Media Player
2006-09-21 08:27 -------- d-------- C:\Program Files\MSN Messenger
2006-09-21 08:27 -------- d-------- C:\Program Files\Movie Maker
2006-09-21 08:27 -------- d-------- C:\Program Files\LimeWire
2006-09-21 08:27 -------- d-------- C:\Program Files\Label Creator
2006-09-21 08:27 -------- d-------- C:\Program Files\Free Download Manager
2006-09-21 07:39 -------- d-------- C:\Program Files\Help Workshop
2006-09-20 10:18 -------- d-------- C:\Program Files\Corel
2006-09-20 10:07 12314 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2006-09-20 10:06 -------- d-------- C:\Documents and Settings\fpodevin\Application Data\Corel
2006-09-20 09:09 -------- d-------- C:\Program Files\Fichiers communs\Corel
2006-09-18 09:48 -------- d-------- C:\Program Files\Skype
2006-09-14 14:29 -------- d-------- C:\Program Files\av


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Free Download Manager"="C:\\Program Files\\Free Download Manager\\fdm.exe -autorun"
"Iomega Automatic Backup"="C:\\Program Files\\Iomega\\Iomega Automatic Backup\\ibackup.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"NBJ"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe\""
"updateMgr"="C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1"
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"eMuleAutoStart"="C:\\Program Files\\eMule\\emule.exe -AutoStart"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"C-Media Mixer"="Mixer.exe /startup"
"type32"="\"C:\\Program Files\\Microsoft IntelliType Pro\\type32.exe\""
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"Iomega Automatic Backup 1.0.1"="C:\\Program Files\\Iomega\\Iomega Automatic Backup\\ibackup.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"removecpl"="RemoveCpl.exe"
"IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\point32.exe\""
"Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd"
"EoEngine"=""
"EoWeather"=""
"EoClock"=""
"StatusClient 2.6"="C:\\Program Files\\Hewlett-Packard\\Toolbox\\StatusClient\\StatusClient.exe /auto"
"TomcatStartup 2.5"="C:\\Program Files\\Hewlett-Packard\\Toolbox\\hpbpsttp.exe"
"MediaFace Integration"="C:\\Program Files\\Fellowes\\MediaFACE 4.2\\SetHook.exe"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
"ISUSPM Startup"="\"C:\\Program Files\\Fichiers communs\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"ISUSScheduler"="\"C:\\Program Files\\Fichiers communs\\InstallShield\\UpdateService\\issch.exe\" -start"
"windows"="C:\\\\windows_e52.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"EditLevel"=dword:00000000
"NoRun"=dword:00000000
"NoClose"=dword:00000000
"NoFileMenu"=dword:00000000
"NoCommonGroups"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"UseDesktopIniCache"=dword:00000000
"NoRemoteRecursiveEvents"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Demande_evolution.job
C:\WINDOWS\tasks\Fred.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

Completion time: 06-11-09 13:59:16.32
C:\ComboFix.txt ... 06-11-09 13:59

---------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 14:05:40, on 09/11/06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Borland\InterBase\bin\ibguard.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\Program Files\Borland\InterBase\bin\ibserver.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\Program Files\Fichiers communs\Network Associates\McShield\Mcshield.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\windows_e52.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\fpodevin\Mes documents\Perso\Download\AntiSpam\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://SECSERVER:80/array.dll?Get.Routing.Script
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://SECSERVER:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {23A973E4-3321-453C-A2B6-943D2AA1853C} - C:\Program Files\Messenger\nixykeb.dll (file missing)
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6711B62F-A3D4-413B-83F0-00CEDEA0CAEB} - C:\Program Files\Messenger\nixykeb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [removecpl] RemoveCpl.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [windows] C:\\windows_e52.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger le site avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: KOAD Recherche - {669695BC-A811-4A9D-8CDF-BA8C795F261A} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: stibo - {FFAD3420-6D61-44F6-BA25-293F17152D79} - C:\Program Files\Fichiers communs\Stibo\RS_ProtocolHandler.dll
O20 - AppInit_DLLs: dxclib303562752.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: McShield - Network Associates, Inc. - C:\Program Files\Fichiers communs\Network Associates\McShield\Mcshield.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\drivers\w32x86\3\HPZipm12.exe
O23 - Service: SentinelProtectionServer - SafeNet, Inc - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
Chercheurbis 261Messages postés 13 août 2005Date d'inscription 9 nov. 2006 à 15:12
On continue le ménage.

Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer

1 Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.

clean.zip
http://www.malekal.com/download/clean.zip
Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.

2 Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne le mode sans échec approprié et appuye sur Entrée.

3 Relance un scan HijackThis et coche les lignes ci-dessous :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {23A973E4-3321-453C-A2B6-943D2AA1853C} - C:\Program Files\Messenger\nixykeb.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [windows] C:\\windows_e52.exe
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O20 - AppInit_DLLs: dxclib303562752.dll

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

4 Assure toi d'avoir accés à tous les fichiers.
Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer

5 Désinstalle ces applications (si tu les trouves) dans Ajout-Suppression de programmes :

DeluxeCommunications

6 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

C:\Program Files\DeluxeCommunications
C:\\windows_e52.exe

7 Lance le nettoyage avec CCleaner

Recache les fichiers systeme afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.

8 Ouvre le dossier Clean qui se trouve sur ton bureau.
Double-clic sur clean.cmd.
Une fenêtre noire va apparaître, suis les consignes

9 Redémarre normalement

Poste un nouveau log HijackThis avec le rapport qui se trouve ici C:\rapport_clean.txt.

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
Fred56 10 nov. 2006 à 07:57
Salut,
tu trouveras ci dessous les rapport demandés, par contre il m'est impossible de suprimer le répertoire DeluxeCommunication, XP me dit qu'il est utilisé par un autre processus.

deplus je ne peux plus utiliser mon explorateur windows quand je souhaite parcourir un dossier il me fait une erreur

Merci encore de ton aide


Script clean par Malekal_morte - http://www.malekal.com

Microsoft Windows XP [version 5.1.2600]
Script execute en mode sans echec

*** Suppression de fichiers sur C:
C:\MTE*NDI6ODoxNg*.exe FOUND
C:\RDFX?.exe FOUND
C:\StubInstaller.exe FOUND

*** Suppression des fichiers dans C:\WINDOWS\
C:\WINDOWS\keyboard*.dat FOUND
C:\WINDOWS\newname.dat FOUND
C:\WINDOWS\smdat32m.sys FOUND
C:\WINDOWS\UnGins.exe FOUND
C:\WINDOWS\uniq FOUND

*** Suppression des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\wupdmgr.exe FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.2" FOUND
"C:\Documents and Settings\fpodevin\Application Data\Dxcdmns.dll" FOUND
"C:\Documents and Settings\fpodevin\Application Data\Dxcknwrd.dll" FOUND

"C:\Program Files\Mozilla Firefox\plugins\NPNd2fn.dll" FOUND


-----------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 07:57:19, on 10/11/06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Borland\InterBase\bin\ibguard.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Borland\InterBase\bin\ibserver.exe
C:\Program Files\Fichiers communs\Network Associates\McShield\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\fpodevin\Mes documents\Perso\Download\AntiSpam\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://SECSERVER:80/array.dll?Get.Routing.Script
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://SECSERVER:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [removecpl] RemoveCpl.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger le site avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: KOAD Recherche - {669695BC-A811-4A9D-8CDF-BA8C795F261A} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: stibo - {FFAD3420-6D61-44F6-BA25-293F17152D79} - C:\Program Files\Fichiers communs\Stibo\RS_ProtocolHandler.dll
O20 - AppInit_DLLs: dxclib303562752.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: McShield - Network Associates, Inc. - C:\Program Files\Fichiers communs\Network Associates\McShield\Mcshield.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\drivers\w32x86\3\HPZipm12.exe
O23 - Service: SentinelProtectionServer - SafeNet, Inc - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
Malekal_morte- 14781Messages postés 17 mai 2006Date d'inscription 22 mai 2012Dernière intervention 10 nov. 2006 à 08:39
Essaye ça pour ton erreur sur les dossiers :
Ménu Démarrer / executer et tape : regsvr32.exe -u shmedia.dll
clic sur OK.
Un message avec réussi ou successfull doit apparître.

Redémarre l'ordinateur.

DeluxeCommunications se désinstalle très bien par ajout/suppression de programmes.
Essaye de le désinstaller par là.

Poste un nouveau rapport HijackThis ET :

- Télécharge DiagHelp.zip sur ton bureau :http://www.malekal.com/download/DiagHelp.zip
- Ne double-clic pas dessus !! Fais un clic droit sur le fichier et extraire tout
- Un nouveau dossier chercher va être créé DiagHelp
- Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
- Une fenêtre va s'ouvrir, choisis [b]l'option 1[/b]
- L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
- Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-- A nouveau menu Edition / copier
-- Dans un nouveau message ici, faire un clic droit / coller

 Ajouter un commentaire - Site web
Ajouter un commentaire
Réponse
+0
moins plus
Fred56 10 nov. 2006 à 10:02
Tu trouveras ci-dessous les 2 rapports, par contre je ne peux tjrs pas parcourir mes dossiers par un DoubleCLick, j'ai un message:
*******************************
Runtime Error !
Program: c:\windows\explorer.exe

This application.....

*****************************

---------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 09:53:48, on 10/11/06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Borland\InterBase\bin\ibguard.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Borland\InterBase\bin\ibserver.exe
C:\Program Files\Fichiers communs\Network Associates\McShield\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\explorer.exe
C:\Documents and Settings\fpodevin\Mes documents\Perso\Download\AntiSpam\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://SECSERVER:80/array.dll?Get.Routing.Script
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://SECSERVER:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [removecpl] RemoveCpl.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger le site avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: KOAD Recherche - {669695BC-A811-4A9D-8CDF-BA8C795F261A} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: stibo - {FFAD3420-6D61-44F6-BA25-293F17152D79} - C:\Program Files\Fichiers communs\Stibo\RS_ProtocolHandler.dll
O20 - AppInit_DLLs: dxclib303562752.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: McShield - Network Associates, Inc. - C:\Program Files\Fichiers communs\Network Associates\McShield\Mcshield.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\drivers\w32x86\3\HPZipm12.exe
O23 - Service: SentinelProtectionServer - SafeNet, Inc - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

------------------------------------------------------------------------------

C:\WINDOWS\System32\FNTCACHE.DAT -->09/11/06 14:50:45
C:\WINDOWS\System32\dxclib303562752.dll -->09/11/06 14:01:18
C:\WINDOWS\System32\bkd.exe -->09/11/06 14:01:00
C:\WINDOWS\System32\wpa.dbl -->09/11/06 08:03:36
C:\WINDOWS\System32\perfh00C.dat -->07/11/06 07:53:52
C:\WINDOWS\System32\perfh009.dat -->07/11/06 07:53:51
C:\WINDOWS\System32\perfc00C.dat -->07/11/06 07:53:51
C:\WINDOWS\System32\perfc009.dat -->07/11/06 07:53:51
C:\WINDOWS\System32\PerfStringBackup.INI -->07/11/06 07:53:46
C:\WINDOWS\System32\lictest.log -->11/10/06 08:25:27
C:\WINDOWS\System32\config.nt -->09/10/06 14:34:31
C:\WINDOWS\System32\d3d9caps.dat -->09/10/06 07:53:01
C:\WINDOWS\System32\esnecil.ind -->09/10/06 07:38:37
C:\WINDOWS\System32\esnecil.nlp -->06/10/06 10:49:50
C:\WINDOWS\System32\d3d8caps.dat -->05/10/06 16:15:54
C:\WINDOWS\System32\waste.bsr -->05/10/06 15:26:01
C:\WINDOWS\System32\jeterr35.GID -->25/09/06 07:36:49
C:\WINDOWS\System32\MSACAL.TWD -->21/09/06 07:25:42
C:\WINDOWS\System32\KGyGaAvL.sys -->20/09/06 10:07:54
C:\WINDOWS\System32\ffastlog.txt -->15/09/06 07:53:41
C:\WINDOWS\System32\nscompat.tlb -->11/09/06 06:46:34
C:\WINDOWS\System32\amcompat.tlb -->11/09/06 06:46:34
C:\WINDOWS\System32\mlfcache.dat -->02/06/06 08:49:12
C:\WINDOWS\System32\BASSMOD.dll -->31/05/06 15:57:51
C:\WINDOWS\System32\SET163A.tmp -->10/05/06 01:51:14

C:\WINDOWS\WindowsUpdate.log -->10/11/06 09:51:40
C:\WINDOWS\wiadebug.log -->10/11/06 09:50:07
C:\WINDOWS\wiaservc.log -->10/11/06 09:49:25
C:\WINDOWS\SchedLgU.Txt -->10/11/06 09:49:00
C:\WINDOWS\0.log -->10/11/06 09:48:59
C:\WINDOWS\bootstat.dat -->10/11/06 09:48:58
C:\WINDOWS\fpodevin8.xlb -->10/11/06 09:46:35
C:\WINDOWS\offitems.log -->10/11/06 09:46:34
C:\WINDOWS\ntbtlog.txt -->10/11/06 07:41:37
C:\WINDOWS\Sti_Trace.log -->09/11/06 16:39:25
C:\WINDOWS\1.dat -->09/11/06 00:00:49
C:\WINDOWS\Maxsea.ini -->17/10/06 10:25:09
C:\WINDOWS\NeroDigital.ini -->17/10/06 08:28:56
C:\WINDOWS\iltwain.ini -->13/10/06 14:10:34
C:\WINDOWS\ODBC.INI -->13/10/06 13:06:56

C:\WINDOWS\atd.exe |Astase |21/10/2004 14:41:06
C:\WINDOWS\CDLaunch.exe |Computer Systems Odessa Corp. |10/03/2005 08:54:54
C:\WINDOWS\Ckconfig.exe |Kenonic Controls |06/10/2006 08:59:05
C:\WINDOWS\Ckrfresh.exe |COMPANY |06/10/2006 08:59:05
C:\WINDOWS\CmiRmRedundDir.exe |COMPANY |26/09/2005 13:03:43
C:\WINDOWS\CMIUninstall.exe |COMPANY |26/09/2005 13:03:44
C:\WINDOWS\cmuninst.exe |C-Media Electronics Inc. |01/04/2003 07:36:04
C:\WINDOWS\IsUn040c.exe |InstallShield Software Corporation |31/03/2003 15:06:20
C:\WINDOWS\IsUninst.exe |InstallShield Software Corporation |31/03/2003 15:26:49
C:\WINDOWS\iun6002.exe |Indigo Rose Corporation |01/06/2004 14:36:17
C:\WINDOWS\mixer.exe |C-Media Electronic Inc. (www.cmedia.com.tw) |01/04/2003 07:36:04
C:\WINDOWS\NCUNINST.EXE |Northern Codeworks |09/03/2005 07:59:13
C:\WINDOWS\NewMixer.exe |C-Media Electronic Inc. (www.cmedia.com.tw) |01/04/2003 07:36:29
C:\WINDOWS\PLAYER.EXE |Apple Computer, Inc. |21/09/2006 09:43:10
C:\WINDOWS\psuninst2.exe |HelpStudio Software House |22/12/2005 13:47:53
C:\WINDOWS\README.EXE |No Hands Software Inc. |21/09/2006 09:43:11
C:\WINDOWS\regdrop.exe |COMPANY |07/02/2006 09:44:55
C:\WINDOWS\Setup_ck.exe |COMPANY |06/10/2006 08:59:05
C:\WINDOWS\slrundll.exe |Smart Link |29/09/2005 14:32:02
C:\WINDOWS\twunk_16.exe |Twain Working Group |28/09/2001 13:00:00
C:\WINDOWS\twunk_32.exe |Twain Working Group |28/09/2001 13:00:00
C:\WINDOWS\unin040c.exe |InstallShield Corporation, Inc. |31/03/2003 15:22:17
C:\WINDOWS\unins000.exe |COMPANY |25/04/2006 09:40:54
C:\WINDOWS\uninst.exe |InstallShield Corporation, Inc. |31/03/2003 15:49:04
C:\WINDOWS\UninstallFirefox.exe |COMPANY |01/09/2004 10:00:29
C:\WINDOWS\UninstallThunderbird.exe |COMPANY |25/04/2005 13:59:55
C:\WINDOWS\unvise32qt.exe |MindVision |18/10/2004 10:02:08
C:\WINDOWS\UNWISE.EXE |COMPANY |22/07/2004 08:20:06
C:\WINDOWS\VIEWER.EXE |Apple Computer, Inc. |21/09/2006 09:43:10
C:\WINDOWS\CMIRmDriver.dll |COMPANY |26/09/2005 13:03:43
C:\WINDOWS\cygwin1.dll |Red Hat |07/03/2005 09:27:03
C:\WINDOWS\cygz.dll |COMPANY |07/03/2005 09:27:03
C:\WINDOWS\Isdbg51.dll |InstallShield Software Corporation |31/03/2003 15:28:01
C:\WINDOWS\php4isapi.dll |COMPANY |06/10/2005 09:45:21
C:\WINDOWS\php4ts.dll |The PHP Group |06/10/2005 09:45:21
C:\WINDOWS\PLAYENU.DLL |Apple Computer, Inc. |21/09/2006 09:43:11
C:\WINDOWS\Setup_ck.dll |COMPANY |06/10/2006 08:59:05
C:\WINDOWS\twain.dll |Groupe de travail Twain |28/09/2001 13:00:00
C:\WINDOWS\twain_32.dll |Groupe de travail Twain |28/09/2001 13:00:00
C:\WINDOWS\VIEWENU.DLL |Apple Computer, Inc. |21/09/2006 09:43:11
C:\WINDOWS\system32\append.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\bcmwltry.exe |Belkin Corporation |17/03/2005 16:56:12
C:\WINDOWS\system32\bkd.exe |COMPANY |09/11/2006 14:01:10
C:\WINDOWS\system32\cmirmdrv.exe |COMPANY |26/09/2005 13:04:07
C:\WINDOWS\system32\Crypserv.exe |Kenonic Controls Ltd. |06/10/2006 08:59:06
C:\WINDOWS\system32\debug.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\dosx.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\dvdplay.exe |COMPANY |23/08/2001 18:47:34
C:\WINDOWS\system32\edlin.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\exe2bin.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\fastopen.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\Gsw32.exe |Bits Per Second Ltd |09/10/2006 14:29:40
C:\WINDOWS\system32\HPBOID.EXE |Hewlett-Packard Company |10/12/2003 11:15:50
C:\WINDOWS\system32\HPBPRO.EXE |Hewlett-Packard Company |10/12/2003 11:16:34
C:\WINDOWS\system32\hpzinw12.exe |HP |25/07/2003 11:20:00
C:\WINDOWS\system32\hpzipm12.exe |HP |22/10/2003 09:19:22
C:\WINDOWS\system32\insrepim.exe |COMPANY |07/02/2006 09:38:53
C:\WINDOWS\system32\java.exe |Sun Microsystems, Inc. |28/02/2006 12:11:27
C:\WINDOWS\system32\javaw.exe |Sun Microsystems, Inc. |28/02/2006 12:11:27
C:\WINDOWS\system32\javaws.exe |Sun Microsystems, Inc. |28/02/2006 12:11:27
C:\WINDOWS\system32\Lame.exe |COMPANY |25/04/2006 09:40:55
C:\WINDOWS\system32\mcoinstall.exe |Aapie.Net |05/07/2006 10:08:38
C:\WINDOWS\system32\mem.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\Mp3cnfg.exe |Kristal Studio |02/03/2001 19:37:34
C:\WINDOWS\system32\msasf.exe |COMPANY |26/02/2001 13:01:00
C:\WINDOWS\system32\mscdexnt.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\NeroCheck.exe |Ahead Software Gmbh |15/03/2005 11:40:55
C:\WINDOWS\system32\nlsfunc.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\nw16.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\ORG11SVR.EXE |DataViz, Inc. |28/08/1997 23:00:00
C:\WINDOWS\system32\ORG21SVR.EXE |DataViz, Inc. |28/08/1997 23:00:00
C:\WINDOWS\system32\pxhpinst.exe |Sonic Solutions |29/10/2004 12:49:50
C:\WINDOWS\system32\redir.exe |COMPANY |31/03/2003 16:08:49
C:\WINDOWS\system32\RegisterExe.exe |COMPANY |19/10/2005 12:39:00
C:\WINDOWS\system32\RegNandub.exe |COMPANY |22/12/2003 03:28:10
C:\WINDOWS\system32\setver.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\share.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\slrundll.exe |Smart Link |29/09/2005 14:32:09
C:\WINDOWS\system32\slserv.exe |Smart Link |29/09/2005 14:32:08
C:\WINDOWS\system32\UNWISE.EXE |COMPANY |14/09/2005 13:17:17
C:\WINDOWS\system32\usrmlnka.exe |U.S. Robotics Corporation |23/08/2001 18:47:48
C:\WINDOWS\system32\usrprbda.exe |U.S. Robotics Corporation |23/08/2001 18:47:48
C:\WINDOWS\system32\usrshuta.exe |U.S. Robotics Corporation |23/08/2001 18:47:48
C:\WINDOWS\system32\vwipxspx.exe |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\WRKGADM.EXE |COMPANY |28/08/1997 23:00:00
C:\WINDOWS\system32\Zap.exe |COMPANY |12/09/2004 15:10:42
C:\WINDOWS\system32\zip.exe |COMPANY |24/05/2004 18:11:28
C:\WINDOWS\system32\3dviewer.dll |Apple Computer, Inc. |04/05/2004 15:49:25
C:\WINDOWS\system32\a3d.dll |Sensaura Ltd |26/09/2005 13:04:07
C:\WINDOWS\system32\amstream.dll |COMPANY |10/11/2004 14:45:54
C:\WINDOWS\system32\ati2cqag.dll |ATI Technologies Inc. |29/09/2005 14:32:33
C:\WINDOWS\system32\ati2dvaa.dll |ATI Technologies Inc. |31/03/2003 16:10:04
C:\WINDOWS\system32\ati2dvag.dll |ATI Technologies Inc. |31/03/2003 16:10:04
C:\WINDOWS\system32\ati3d1ag.dll |ATI Technologies Inc. |31/03/2003 16:10:04
C:\WINDOWS\system32\ati3duag.dll |ATI Technologies Inc. |29/09/2005 14:32:32
C:\WINDOWS\system32\ativtmxx.dll |ATI Technologies Inc. |29/09/2005 14:32:31
C:\WINDOWS\system32\ativvaxx.dll |ATI Technologies Inc. |29/09/2005 14:32:31
C:\WINDOWS\system32\atmfd.dll |Adobe Systems Incorporated |28/09/2001 13:00:00
C:\WINDOWS\system32\atmlib.dll |Adobe Systems |28/09/2001 13:00:00
C:\WINDOWS\system32\Audio3D.dll |Sensaura Ltd |26/09/2005 13:04:07
C:\WINDOWS\system32\auth.dll |COMPANY |26/03/2002 08:19:42
C:\WINDOWS\system32\avisynth.dll |The Public |01/06/2003 22:06:41
C:\WINDOWS\system32\aviwrap.dll |Disappearing Inc. |22/09/2001 09:50:22
C:\WINDOWS\system32\awpe.dll |Corel Corporation Limited |04/05/2004 15:49:12
C:\WINDOWS\system32\Awrtl30.dll |WexTech Systems, Inc. |04/05/2004 15:49:12
C:\WINDOWS\system32\BASSMOD.dll |COMPANY |27/02/2006 09:22:26
C:\WINDOWS\system32\BIDS45F.DLL |Borland International |31/03/2003 16:48:03
C:\WINDOWS\system32\BOCOF.DLL |COMPANY |31/03/2003 16:48:03
C:\WINDOWS\system32\BWCC32.DLL |Borland International |31/03/2003 16:48:03
C:\WINDOWS\system32\ccrpUCW6.dll |Jeremy Adams, CCRP |11/10/2000 16:07:38
C:\WINDOWS\system32\CDVPreviewEx.dll |COMPANY |10/03/2005 09:13:53
C:\WINDOWS\system32\cfhd.dll |CineForm Inc. |04/10/2005 09:43:14
C:\WINDOWS\system32\CmengDriver.dll |Informatique & Mer |12/10/2006 10:59:49
C:\WINDOWS\system32\CMGBase.dll |C-Map Russia |06/10/2006 08:59:18
C:\WINDOWS\system32\cmirmdrv.dll |COMPANY |26/09/2005 13:04:07
C:\WINDOWS\system32\cmnprop.dll |C-Media Corporation |01/04/2003 07:36:04
C:\WINDOWS\system32\cmuda.dll |C-Media |26/09/2005 13:04:07
C:\WINDOWS\system32\compatui.dll |COMPANY |31/03/2003 16:09:23
C:\WINDOWS\system32\CRAXDRT.DLL |Seagate Software, Inc. |23/11/2004 14:51:55
C:\WINDOWS\system32\CRVIEWER.DLL |Seagate Software |23/11/2004 14:51:58
C:\WINDOWS\system32\cvirt.dll |National Instruments |23/12/2004 15:34:02
C:\WINDOWS\system32\cvirte.dll |National Instruments |23/12/2004 15:34:02
C:\WINDOWS\system32\CW3215.DLL |Borland International |31/03/2003 16:48:03
C:\WINDOWS\system32\cygwin1.dll |Red Hat |07/03/2005 09:27:03
C:\WINDOWS\system32\cygz.dll |COMPANY |07/03/2005 09:27:03
C:\WINDOWS\system32\d4channel.dll |Hewlett-Packard |29/03/2005 14:06:23
C:\WINDOWS\system32\Dbgwproc.dll |IRC Inc. 14 Sovente Irvine, CA 92606 |23/11/2005 16:00:42
C:\WINDOWS\system32\devil.dll |Abysmal Software |11/04/2003 05:57:30
C:\WINDOWS\system32\dfolder.dll |COMPANY |01/02/1996 18:25:42
C:\WINDOWS\system32\dfont32.dll |COMPANY |22/09/2004 09:03:55
C:\WINDOWS\system32\dgrpsetu.dll |Digi International, Inc. |31/03/2003 11:13:19
C:\WINDOWS\system32\dgsetup.dll |Digi International |31/03/2003 11:13:19
C:\WINDOWS\system32\DivX.dll |DivXNetworks, Inc. |03/09/2004 19:03:47
C:\WINDOWS\system32\DivXc32.dll |Hacked with Joy ! |31/03/2000 22:35:06
C:\WINDOWS\system32\DivXc32f.dll |Hacked with Joy ! |31/03/2000 22:35:44
C:\WINDOWS\system32\divxdec_0407.dll |DivXNetworks, Inc. |04/09/2004 00:34:08
C:\WINDOWS\system32\divxdec_040c.dll |DivXNetworks, Inc. |04/09/2004 00:34:08
C:\WINDOWS\system32\divxdec_0411.dll |DivXNetworks, Inc. |04/09/2004 00:25:12
C:\WINDOWS\system32\divx_xx07.dll |DivXNetworks, Inc. |01/09/2004 16:48:45
C:\WINDOWS\system32\divx_xx0c.dll |DivXNetworks, Inc. |01/09/2004 16:48:45
C:\WINDOWS\system32\divx_xx11.dll |DivXNetworks, Inc. |01/09/2004 16:48:46
C:\WINDOWS\system32\DOCOBJ.DLL |COMPANY |29/08/1997 00:00:00
C:\WINDOWS\system32\dpu10.dll |DivXNetworks |03/09/2004 18:33:33
C:\WINDOWS\system32\dpuGUI10.dll |DivXNetworks |03/09/2004 18:37:38
C:\WINDOWS\system32\dpus10.dll |DivXNetworks |01/09/2004 16:49:16
C:\WINDOWS\system32\dpv10.dll |DivXNetworks |01/09/2004 16:49:16
C:\WINDOWS\system32\dxclib303562752.dll |COMPANY |09/11/2006 14:01:18
C:\WINDOWS\system32\DXTLIPI.DLL |Live Picture Corporation |27/08/1998 03:51:30
C:\WINDOWS\system32\DXTMETA.DLL |MetaCreations Corporation |27/08/1998 03:51:36
C:\WINDOWS\system32\DXTMETA2.DLL |MetaCreations Corporation |27/08/1998 03:51:42
C:\WINDOWS\system32\DXTSQFX.DLL |Squishy FX, LLC |27/08/1998 03:51:50
C:\WINDOWS\system32\EBPMON2.DLL |SEIKO EPSON CORPORATION |18/11/1999 02:01:00
C:\WINDOWS\system32\encdec.dll |COMPANY |26/11/2002 15:15:52
C:\WINDOWS\system32\encodex.dll |Mabry Software, Inc. |23/11/2004 14:51:59
C:\WINDOWS\system32\epcomdd.dll |SEIKO EPSON CORP |04/05/2004 15:20:00
C:\WINDOWS\system32\EqnClass.Dll |Equinox Systems Inc. |31/03/2003 11:13:18
C:\WINDOWS\system32\esccm.dll |SEIKO EPSON CORP. |04/05/2004 15:20:02
C:\WINDOWS\system32\esccmn.dll |SEIKO EPSON CORP. |04/05/2004 15:20:02
C:\WINDOWS\system32\escimg.dll |SEIKO EPSON CORP. |04/05/2004 15:20:02
C:\WINDOWS\system32\escimgn.dll |SEIKO EPSON CORP. |04/05/2004 15:20:02
C:\WINDOWS\system32\escwiab.dll |SEIKO EPSON CORP. |04/05/2004 15:20:02
C:\WINDOWS\system32\escwian.dll |SEIKO EPSON CORP. |04/05/2004 15:20:02
C:\WINDOWS\system32\ESDTR.dll |SEIKO EPSON CORP. |04/05/2004 15:20:00
C:\WINDOWS\system32\ESICM.dll |SEIKO EPSON Corp. |04/05/2004 15:20:01
C:\WINDOWS\system32\Esint23.dll |SEIKO EPSON CORP. |04/05/2004 15:20:00
C:\WINDOWS\system32\ExifView.dll |Foxbat |27/02/2002 08:55:50
C:\WINDOWS\system32\exlate32.dll |Seagate Software, Inc. |23/11/2004 14:51:59
C:\WINDOWS\system32\gds32.dll |Borland Software Corporation |03/04/2003 16:35:17
C:\WINDOWS\system32\GLUT32.DLL |COMPANY |09/10/2006 14:29:40
C:\WINDOWS\system32\Gsprop32.dll |Bits Per Second Ltd |09/10/2006 14:29:40
C:\WINDOWS\system32\Gswag32.dll |Bits Per Second Ltd |09/10/2006 14:29:40
C:\WINDOWS\system32\Gswdll32.dll |Bits Per Second Ltd |09/10/2006 14:29:40
C:\WINDOWS\system32\HHActiveX.dll |Blue Sky Software Corporation. |20/03/2002 21:01:58
C:\WINDOWS\system32\HLINKPRX.DLL |COMPANY |29/08/1997 00:00:00
C:\WINDOWS\system32\HPBHEALR.DLL |COMPANY |25/02/2003 06:49:56
C:\WINDOWS\system32\hpbmiapi.dll |Hewlett-Packard |10/12/2003 11:14:46
C:\WINDOWS\system32\hpbmmjno.dll |Hewlett-Packard |29/03/2005 14:06:23
C:\WINDOWS\system32\HPBMMON.DLL |Hewlett-Packard |18/07/2003 08:44:56
C:\WINDOWS\system32\HPBNRAC2.DLL |Hewlett-Packard |10/12/2003 11:14:24
C:\WINDOWS\system32\hpboidps.dll |Hewlett-Packard Company |10/12/2003 11:15:54
C:\WINDOWS\system32\hpbprops.dll |Hewlett-Packard Company |10/12/2003 11:16:38
C:\WINDOWS\system32\HPDOMON.DLL |Hewlett-Packard |25/02/2003 06:50:02
C:\WINDOWS\system32\HPJCMN2U.DLL |Hewlett-Packard |06/06/2000 18:27:08
C:\WINDOWS\system32\HPJIPX1U.DLL |Hewlett-Packard |06/06/2000 18:27:08
C:\WINDOWS\system32\hppadt40.dll |HP |22/07/2003 08:44:00
C:\WINDOWS\system32\hppamon0.dll |HP |22/07/2003 08:51:14
C:\WINDOWS\system32\hppapml0.dll |HP |22/07/2003 08:51:10
C:\WINDOWS\system32\hppapts0.dll |HP |22/07/2003 08:51:12
C:\WINDOWS\system32\hppasnm0.dll |HP |22/07/2003 08:51:14
C:\WINDOWS\system32\hptcpmib.dll |Hewlett Packard |30/03/2005 06:43:19
C:\WINDOWS\system32\hptcpmon.dll |Hewlett Packard |30/03/2005 06:43:19
C:\WINDOWS\system32\hpzc3212.dll |Hewlett-Packard Co. |19/09/2003 14:00:38
C:\WINDOWS\system32\hpzidr12.dll |HP |11/11/2003 10:16:46
C:\WINDOWS\system32\hpzipr12.dll |HP |22/10/2003 09:26:46
C:\WINDOWS\system32\hpzipt12.dll |HP |21/07/2003 13:24:06
C:\WINDOWS\system32\hpzisn12.dll |HP |21/07/2003 13:24:12
C:\WINDOWS\system32\hpzjfw01.dll |Hewlett-Packard |30/03/2005 06:43:19
C:\WINDOWS\system32\hpzjsn01.dll |Hewlett Packard Company |30/03/2005 06:43:19
C:\WINDOWS\system32\hsfcisp2.dll |Conexant Systems, Inc. |29/09/2005 14:32:25
C:\WINDOWS\system32\hticons.dll |Hilgraeve, Inc. |31/03/2003 11:20:41
C:\WINDOWS\system32\hypertrm.dll |Hilgraeve, Inc. |31/03/2003 11:20:41
C:\WINDOWS\system32\ibinstall.dll |Borland Software Corporation |03/04/2003 16:35:44
C:\WINDOWS\system32\ibxml.dll |Borland Software Corporation |03/04/2003 16:35:18
C:\WINDOWS\system32\iccvid.dll |Radius Inc. |28/09/2001 13:00:00
C:\WINDOWS\system32\ieencode.dll |COMPANY |29/09/2005 14:32:24
C:\WINDOWS\system32\igxbm30.dll |Micrografx, Inc. |31/03/2003 15:19:46
C:\WINDOWS\system32\igxbm40.dll |Micrografx, Inc. |31/03/2003 15:15:36
C:\WINDOWS\system32\igxfrm2x.DLL |Micrografx, Inc. |31/03/2003 15:15:36
C:\WINDOWS\system32\IGXFRM30.dll |Micrografx, Inc. |31/03/2003 15:19:45
C:\WINDOWS\system32\IGXFRM40.dll |Micrografx, Inc. |31/03/2003 15:15:36
C:\WINDOWS\system32\IGXIMGVW.DLL |Micrografx |31/03/2003 15:19:44
C:\WINDOWS\system32\IGXWlcm.dll |Micrografx |31/03/2003 15:15:31
C:\WINDOWS\system32\ImagX7.dll |Pegasus Imaging Corp. |15/03/2005 11:40:59
C:\WINDOWS\system32\ImagXpr7.dll |Pegasus Imaging Corp. |15/03/2005 11:40:59
C:\WINDOWS\system32\ImagXR7.dll |Pegasus Imaging Corp. |15/03/2005 11:41:00
C:\WINDOWS\system32\ImagXRA7.dll |Pegasus Imaging Corp. |15/03/2005 11:41:00
C:\WINDOWS\system32\INETWH32.dll |Blue Sky Software Corporation. |31/03/2003 15:27:59
C:\WINDOWS\system32\ir32_32.dll |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\ir41_qc.dll |Intel Corporation. |07/01/2004 10:59:51
C:\WINDOWS\system32\ir41_qcx.dll |Intel Corporation. |07/01/2004 10:59:51
C:\WINDOWS\system32\ir50_32.dll |Intel Corporation |07/01/2004 10:59:51
C:\WINDOWS\system32\ir50_qc.dll |Intel Corporation. |07/01/2004 10:59:51
C:\WINDOWS\system32\ir50_qcx.dll |Intel Corporation. |07/01/2004 10:59:51
C:\WINDOWS\system32\isdbgi51.dll |InstallShield Software Corporation |31/03/2003 15:27:59
C:\WINDOWS\system32\isrdbg32.dll |Intel Corporation |31/03/2003 11:22:11
C:\WINDOWS\system32\jgaw400.dll |Johnson-Grace Company |28/09/2001 13:00:00
C:\WINDOWS\system32\jgdw400.dll |America Online |28/09/2001 13:00:00
C:\WINDOWS\system32\jgmd400.dll |Johnson-Grace Company |28/09/2001 13:00:00
C:\WINDOWS\system32\jgpl400.dll |Johnson-Grace Company |28/09/2001 13:00:00
C:\WINDOWS\system32\jgsd400.dll |America Online |28/09/2001 13:00:00
C:\WINDOWS\system32\jgsh400.dll |Johnson-Grace Company |28/09/2001 13:00:00
C:\WINDOWS\system32\jst.dll |COMPANY |29/03/2005 14:06:23
C:\WINDOWS\system32\LameACM.dll |Works Warlock |20/01/2001 17:00:00
C:\WINDOWS\system32\Lame_enc.dll |COMPANY |07/08/2003 14:01:52
C:\WINDOWS\system32\lfAFP13n.dll |LEAD Technologies, Inc. |24/05/2004 17:59:50
C:\WINDOWS\system32\lfani13n.dll |LEAD Technologies, Inc. |24/05/2004 17:59:52
C:\WINDOWS\system32\lfavi13n.dll |LEAD Technologies, Inc. |24/05/2004 17:59:52
C:\WINDOWS\system32\LFAVI80N.DLL |LEAD Technologies, Inc. |31/03/2003 15:36:42
C:\WINDOWS\system32\lfawd13n.dll |LEAD Technologies, Inc. |24/05/2004 17:59:52
C:\WINDOWS\system32\LFAWD80N.DLL |LEAD Technologies, Inc. |31/03/2003 15:36:42
C:\WINDOWS\system32\lfbmp10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfbmp13n.dll |LEAD Technologies, Inc. |24/05/2004 17:59:52
C:\WINDOWS\system32\lfbmp80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfcal10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfcal13n.dll |LEAD Technologies, Inc. |24/05/2004 17:59:54
C:\WINDOWS\system32\lfcal80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\Lfcgm13n.dll |LEAD Technologies, Inc. |24/05/2004 17:59:54
C:\WINDOWS\system32\lfclp13n.dll |LEAD Technologies, Inc. |24/05/2004 17:59:56
C:\WINDOWS\system32\LFCMP10N.DLL |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\LFCMP13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:04
C:\WINDOWS\system32\lfcmp80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\LFCMW13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:14
C:\WINDOWS\system32\lfCUT13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:14
C:\WINDOWS\system32\Lfdgn13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:14
C:\WINDOWS\system32\LFDIC80N.DLL |LEAD Technologies, Inc. |31/03/2003 15:36:43
C:\WINDOWS\system32\lfdrw13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:16
C:\WINDOWS\system32\lfdwf13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:30
C:\WINDOWS\system32\lfdwg13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:34
C:\WINDOWS\system32\lfdxf13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:36
C:\WINDOWS\system32\lfeps13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:38
C:\WINDOWS\system32\LFEPS80N.DLL |LEAD Technologies, Inc. |31/03/2003 15:36:43
C:\WINDOWS\system32\lffax10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lffax13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:38
C:\WINDOWS\system32\lffax80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfflc13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:40
C:\WINDOWS\system32\lffpx10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lffpx13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:42
C:\WINDOWS\system32\lffpx7.dll |COMPANY |24/05/2004 18:00:48
C:\WINDOWS\system32\lffpx80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfgbr13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:50
C:\WINDOWS\system32\lfgif10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfgif13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:50
C:\WINDOWS\system32\lfgif80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfica10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfica13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:52
C:\WINDOWS\system32\lfica80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfiff13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:52
C:\WINDOWS\system32\lfimg10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfimg13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:52
C:\WINDOWS\system32\lfimg80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfitg13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:54
C:\WINDOWS\system32\LFJ2K13n.dll |LEAD Technologies, Inc. |24/05/2004 18:00:58
C:\WINDOWS\system32\lfjbg13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:00
C:\WINDOWS\system32\lfkodak.dll |COMPANY |24/05/2004 18:01:02
C:\WINDOWS\system32\lflma13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:04
C:\WINDOWS\system32\LFLMA80N.DLL |LEAD Technologies, Inc. |31/03/2003 15:36:43
C:\WINDOWS\system32\LFLMB10N.DLL |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lflmb13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:04
C:\WINDOWS\system32\lflmb80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfmac10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfmac13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:06
C:\WINDOWS\system32\lfmac80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfmpg13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:08
C:\WINDOWS\system32\lfmsp10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfmsp13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:08
C:\WINDOWS\system32\lfmsp80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfpcd10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfpcd13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:10
C:\WINDOWS\system32\LFPCD80N.DLL |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfPCL13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:12
C:\WINDOWS\system32\lfpct10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\Lfpct13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:12
C:\WINDOWS\system32\lfpct80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfpcx10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfpcx13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:12
C:\WINDOWS\system32\lfpcx80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfpdf13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:18
C:\WINDOWS\system32\lfplt13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:20
C:\WINDOWS\system32\lfpng10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\Lfpng13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:22
C:\WINDOWS\system32\lfpng80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\LFPNM13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:24
C:\WINDOWS\system32\lfpsd10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfpsd13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:24
C:\WINDOWS\system32\lfpsd80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\LFPTK13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:26
C:\WINDOWS\system32\lfras10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfras13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:26
C:\WINDOWS\system32\lfras80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfRaw13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:26
C:\WINDOWS\system32\lfsct13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:28
C:\WINDOWS\system32\lfsgi13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:28
C:\WINDOWS\system32\lfshp13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:30
C:\WINDOWS\system32\LFSMP13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:30
C:\WINDOWS\system32\lftga10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lftga13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:32
C:\WINDOWS\system32\lftga80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lftif10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lftif13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:34
C:\WINDOWS\system32\lftif80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\lfvec13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:36
C:\WINDOWS\system32\lfwfx10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\lfwfx13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:36
C:\WINDOWS\system32\lfwfx80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\Lfwmf13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:36
C:\WINDOWS\system32\LFWMF80N.DLL |LEAD Technologies, Inc. |31/03/2003 15:36:43
C:\WINDOWS\system32\lfwmp13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:38
C:\WINDOWS\system32\lfwpg13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:38
C:\WINDOWS\system32\LFWPG80N.DLL |LEAD Technologies, Inc. |31/03/2003 15:36:43
C:\WINDOWS\system32\lfXbm13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:40
C:\WINDOWS\system32\lfXpm13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:40
C:\WINDOWS\system32\lfxwd13n.dll |LEAD Technologies, Inc. |24/05/2004 18:01:40
C:\WINDOWS\system32\ltann10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\ltann13n.dll |LEAD Technologies, Inc. |24/05/2004 18:02:04
C:\WINDOWS\system32\LTAUT13n.dll |LEAD Technologies, Inc. |24/05/2004 18:02:10
C:\WINDOWS\system32\LTCLR13n.dll |LEAD Technologies, Inc. |24/05/2004 18:03:02
C:\WINDOWS\system32\LTCON13n.dll |LEAD Technologies, Inc. |24/05/2004 18:03:02
C:\WINDOWS\system32\ltcry13n.dll |COMPANY |24/05/2004 18:03:20
C:\WINDOWS\system32\LTDic13n.dll |LEAD Technologies, Inc. |24/05/2004 18:03:32
C:\WINDOWS\system32\LTDIS10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:35
C:\WINDOWS\system32\LTDIS13n.dll |LEAD Technologies, Inc. |24/05/2004 18:03:42
C:\WINDOWS\system32\ltdlg13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:14
C:\WINDOWS\system32\LTEFX13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:18
C:\WINDOWS\system32\ltfil10N.DLL |LEAD Technologies, Inc. |31/03/2003 15:15:35
C:\WINDOWS\system32\LTFIL13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:22
C:\WINDOWS\system32\ltfil80n.dll |LEAD Technologies, Inc. |31/03/2003 15:19:44
C:\WINDOWS\system32\ltimg10N.dll |LEAD Technologies, Inc. |31/03/2003 15:15:45
C:\WINDOWS\system32\LTIMG13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:30
C:\WINDOWS\system32\ltimg80n.dll |LEAD Technologies, Inc. |31/03/2003 15:20:36
C:\WINDOWS\system32\ltisi13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:30
C:\WINDOWS\system32\LTKRN10N.DLL |LEAD Technologies, Inc. |31/03/2003 15:15:35
C:\WINDOWS\system32\ltkrn13n.dll |LEAD Technologies, Inc. |24/05/2004 18:05:42
C:\WINDOWS\system32\ltkrn80n.dll |LEAD Technologies, Inc. |31/03/2003 15:19:44
C:\WINDOWS\system32\ltlst13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:30
C:\WINDOWS\system32\ltpdg13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:32
C:\WINDOWS\system32\Ltpnt13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:34
C:\WINDOWS\system32\LTRTN13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:46
C:\WINDOWS\system32\LTSCR13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:50
C:\WINDOWS\system32\Ltsgm13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:52
C:\WINDOWS\system32\LTTLB13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:52
C:\WINDOWS\system32\lttls13n.dll |COMPANY |24/05/2004 18:04:56
C:\WINDOWS\system32\lttmb13n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:56
C:\WINDOWS\system32\lttw213n.dll |LEAD Technologies, Inc. |24/05/2004 18:04:58
C:\WINDOWS\system32\lttwn13n.dll |LEAD Technologies, Inc. |24/05/2004 18:05:00
C:\WINDOWS\system32\ltwen13n.dll |LEAD Technologies, Inc. |24/05/2004 18:05:12
C:\WINDOWS\system32\LTWND13n.dll |LEAD Technologies, Inc. |24/05/2004 18:05:12
C:\WINDOWS\system32\LTWVC13n.dll |LEAD Technologies, Inc. |24/05/2004 18:05:24
C:\WINDOWS\system32\Lvkrn13n.dll |LEAD Technologies, Inc. |24/05/2004 18:05:30
C:\WINDOWS\system32\mabryobj.dll |Mabry Software, Inc. |23/11/2004 14:52:02
C:\WINDOWS\system32\Mapi32.dll |Mozilla.org |29/08/1997 00:00:00
C:\WINDOWS\system32\Mapi32_moz_bak.dll |Mozilla.org |29/08/1997 00:00:00
C:\WINDOWS\system32\mdmxsdk.dll |Conexant |29/09/2005 14:32:18
C:\WINDOWS\system32\mdwmdmsp.dll |RioPort |23/08/2001 18:47:06
C:\WINDOWS\system32\METASTR.DLL |MetaCreations Corporation |21/08/1998 13:51:32
C:\WINDOWS\system32\mimex.dll |Mabry Software, Inc. |23/11/2004 14:52:02
C:\WINDOWS\system32\MPEG2DEC.dll |COMPANY |22/06/2001 05:06:02
C:\WINDOWS\system32\msdmo.dll |COMPANY |16/07/2004 15:06:38
C:\WINDOWS\system32\msencode.dll |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\msmscoin.dll |COMPANY |11/04/2002 10:47:52
C:\WINDOWS\system32\Msvcrt10.dll |COMPANY |31/03/2003 15:10:03
C:\WINDOWS\system32\mtxparhd.dll |Matrox Graphics Inc. |29/09/2005 14:32:16
C:\WINDOWS\system32\NCTAudioFile.dll |NCT Company |23/11/2005 15:51:49
C:\WINDOWS\system32\NCTAudioFile2.dll |NCT Company Ltd. |15/12/2003 12:43:18
C:\WINDOWS\system32\NCTAudioInformation2.dll |NCT Company Ltd. |08/12/2003 12:17:04
C:\WINDOWS\system32\NCTAudioPlayer.dll |NCT Company |23/11/2005 15:51:50
C:\WINDOWS\system32\NCTAudioTransform2.dll |NCT Company Ltd. |08/12/2003 12:19:06
C:\WINDOWS\system32\NCTImageFile.dll |Online Media Technologies Ltd. |19/10/2005 12:39:54
C:\WINDOWS\system32\NCTImageTransform.dll |Online Media Technologies Ltd. |19/10/2005 12:39:55
C:\WINDOWS\system32\NCTImageUtility.dll |Online Media Technologies Ltd. |19/10/2005 12:39:55
C:\WINDOWS\system32\NCTImageView.dll |Online Media Technologies Ltd. |19/10/2005 12:39:54
C:\WINDOWS\system32\NCTWMAFile.dll |NCT Company |23/11/2005 15:51:50
C:\WINDOWS\system32\NCTWMAFile2.dll |NCT Company Ltd. |15/12/2003 12:24:30
C:\WINDOWS\system32\nLame.dll |COMPANY |17/03/2006 23:43:52
C:\WINDOWS\system32\nv4.dll |NVIDIA Corporation |31/03/2003 11:14:56
C:\WINDOWS\system32\nv4_disp.dll |NVIDIA Corporation |29/08/2002 11:05:14
C:\WINDOWS\system32\nwnsp32.dll |Lotus Development Corporation |18/09/2003 05:32:24
C:\WINDOWS\system32\ODBCSTF.DLL |COMPANY |28/08/1997 23:00:00
C:\WINDOWS\system32\OGG.DLL |COMPANY |22/12/2003 03:28:08
C:\WINDOWS\system32\OggDS.dll |COMPANY |22/12/2003 03:28:10
C:\WINDOWS\system32\ORGAPI.DLL |Lotus Development Corporation |28/08/1997 23:00:00
C:\WINDOWS\system32\P2smon.dll |Seagate Software, Inc |23/11/2004 14:52:04
C:\WINDOWS\system32\paqsp.dll |COMPANY |23/08/2001 18:47:16
C:\WINDOWS\system32\PcdLib32.dll |Eastman Kodak |29/08/1997 00:00:00
C:\WINDOWS\system32\PdfPorts.dll |COMPANY |03/12/2004 09:43:58
C:\WINDOWS\system32\Pdfshell.dll |Adobe Systems Incorporated |03/12/2004 09:43:47
C:\WINDOWS\system32\picn20.dll |Pegasus Imaging Corp. |15/03/2005 11:40:59
C:\WINDOWS\system32\PMLJNI.dll |COMPANY |29/03/2005 14:06:23
C:\WINDOWS\system32\pncrt.dll |Real Networks, Inc |26/11/2004 11:14:11
C:\WINDOWS\system32\pndx5016.dll |RealNetworks, Inc. |26/11/2004 11:14:14
C:\WINDOWS\system32\pndx5032.dll |RealNetworks, Inc. |26/11/2004 11:14:14
C:\WINDOWS\system32\popx.dll |Mabry Software, Inc. |23/11/2004 14:52:04
C:\WINDOWS\system32\pr5lang.dll |Softwise Company |07/09/2004 18:25:39
C:\WINDOWS\system32\prtrack.dll |Softwise Company |23/11/2004 14:52:09
C:\WINDOWS\system32\prwebsvr.dll |Softwise Company |23/11/2004 14:52:09
C:\WINDOWS\system32\PSIKey.dll |Protexis Inc. |01/09/2004 16:48:50
C:\WINDOWS\system32\psisdecd.dll |COMPANY |01/02/2005 07:54:57
C:\WINDOWS\system32\px.dll |Sonic Solutions |29/10/2004 12:49:49
C:\WINDOWS\system32\pxc25pm.dll |Tracker Software |16/07/2004 07:20:32
C:\WINDOWS\system32\pxdrv.dll |Sonic Solutions |29/10/2004 12:49:50
C:\WINDOWS\system32\pxmas.dll |Sonic Solutions |29/10/2004 12:49:50
C:\WINDOWS\system32\pxwave.dll |Sonic Solutions |29/10/2004 12:49:50
C:\WINDOWS\system32\qd3d.dll |Apple Computer Inc. |04/05/2004 15:49:24
C:\WINDOWS\system32\qedwipes.dll |COMPANY |10/11/2004 14:45:57
C:\WINDOWS\system32\qt-mt331.dll |COMPANY |01/09/2004 16:49:17
C:\WINDOWS\system32\rave.dll |Apple Computer, Inc. |04/05/2004 15:49:25
C:\WINDOWS\system32\RECNCL.DLL |COMPANY |28/08/1997 23:00:00
C:\WINDOWS\system32\rmoc3260.dll |RealNetworks, Inc. |26/11/2004 11:14:30
C:\WINDOWS\system32\RNBOVDD.DLL |Rainbow Technologies, Inc. |10/09/2004 06:00:00
C:\WINDOWS\system32\Roboex32.dll |Blue Sky Software Corporation. |01/09/2004 13:10:39
C:\WINDOWS\system32\s3gnb.dll |S3 Graphics, Inc. |29/09/2005 14:32:11
C:\WINDOWS\system32\sbe.dll |COMPANY |26/11/2002 15:15:50
C:\WINDOWS\system32\scriptpw.dll |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\shw32.dll |COMPANY |04/05/2004 15:49:29
C:\WINDOWS\system32\slbcsp.dll |Schlumberger Technology Corporation |28/09/2001 13:00:00
C:\WINDOWS\system32\slbiop.dll |Schlumberger Technology Corporation |28/09/2001 13:00:00
C:\WINDOWS\system32\slbrccsp.dll |Schlumberger Technology Corporation |28/09/2001 13:00:00
C:\WINDOWS\system32\slcoinst.dll |Smart Link |29/09/2005 14:32:09
C:\WINDOWS\system32\slextspk.dll |Smart Link |29/09/2005 14:32:09
C:\WINDOWS\system32\slgen.dll |Smart Link |29/09/2005 14:32:09
C:\WINDOWS\system32\smtpx.dll |Mabry Software, Inc. |23/11/2004 14:52:12
C:\WINDOWS\system32\SNTI386.DLL |Rainbow Technologies, Inc. |10/09/2004 06:00:00
C:\WINDOWS\system32\spnike.dll |S3/Diamond Multimedia |23/08/2001 18:47:18
C:\WINDOWS\system32\sprio600.dll |S3/Diamond Multimedia |23/08/2001 18:47:18
C:\WINDOWS\system32\sprio800.dll |S3/Diamond Multimedia |23/08/2001 18:47:18
C:\WINDOWS\system32\spxcoins.dll |Perle Systems Ltd. |31/03/2003 11:13:18
C:\WINDOWS\system32\SS32D25.DLL |FarPoint Technologies, Inc. |31/03/2003 15:59:59
C:\WINDOWS\system32\Ssubtmr6.dll |<none> |19/02/1999 07:54:26
C:\WINDOWS\system32\SVIEWHLP.DLL |Seagate Software |23/11/2004 14:52:12
C:\WINDOWS\system32\tsd32.dll |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\TWAIN32d.dll |COMPANY |14/09/1998 20:43:16
C:\WINDOWS\system32\TwnLib20.dll |Pegasus Software |15/03/2005 11:41:00
C:\WINDOWS\system32\TwnLib4.dll |Pegasus Imaging Corp. |15/03/2005 11:41:00
C:\WINDOWS\system32\udaprop.dll |C-Media Corporation |26/09/2005 13:04:07
C:\WINDOWS\system32\UNRAR.DLL |COMPANY |03/02/2000 23:18:12
C:\WINDOWS\system32\usrcntra.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrcoina.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrdpa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrdtea.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrfaxa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrlbva.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrrtosa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrsdpia.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrsvpia.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrv42a.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrv80a.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrvoica.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrvpa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\VAFR232.DLL |COMPANY |28/08/1997 23:00:00
C:\WINDOWS\system32\VFCodec.dll |COMPANY |22/07/2000 09:49:46
C:\WINDOWS\system32\Vic32.dll |Catenary Systems |05/09/2005 05:11:44
C:\WINDOWS\system32\vidx16.dll |COMPANY |31/03/2003 15:15:49
C:\WINDOWS\system32\viscomwave.dll |Viscom Software |06/09/2004 10:10:50
C:\WINDOWS\system32\VOBSUB.DLL |Gabest |28/10/2001 05:54:32
C:\WINDOWS\system32\VORBIS.DLL |COMPANY |22/12/2003 03:28:08
C:\WINDOWS\system32\vorbisenc.dll |COMPANY |22/12/2003 03:28:08
C:\WINDOWS\system32\VSDRVM32.DLL |Visigenic Software |31/03/2003 15:59:58
C:\WINDOWS\system32\VSORAC32.DLL |Visigenic Software |31/03/2003 15:59:59
C:\WINDOWS\system32\vxblock.dll |Sonic Solutions |29/10/2004 12:49:50
C:\WINDOWS\system32\W32N50.dll |Printing Communications Assoc., Inc. (PCAUSA) |18/03/2005 08:24:36
C:\WINDOWS\system32\win87em.dll |COMPANY |28/09/2001 13:00:00
C:\WINDOWS\system32\WNASPI32.DLL |Adaptec |01/12/2004 11:29:49
C:\WINDOWS\system32\x264vfw.dll |COMPANY |25/04/2006 10:34:41
C:\WINDOWS\system32\XceedZip.dll |Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com |15/03/2002 10:55:34
C:\WINDOWS\system32\XLREC.DLL |COMPANY |28/08/1997 23:00:00
C:\WINDOWS\system32\xvidcore.dll |COMPANY |20/12/2004 10:03:26
C:\WINDOWS\system32\xvidvfw.dll |COMPANY |20/12/2004 10:08:28

Le volume dans le lecteur C s'appelle XP-APIC
Le numéro de série du volume est 7EC3-37AE

Répertoire de C:\WINDOWS\system

06/02/95 17:21 6 480 ODBCADM.EXE
14/09/92 17:25 28 802 PXENGCFG.EXE
29/11/94 23:00 4 128 QTNOTIFY.EXE
17/02/04 03:51 1 458 176 SmWizard.exe
10/09/99 11:06 4 672 WOWPOST.EXE
5 fichier(s) 1 502 258 octets
0 Rép(s) 41 954 410 496 octets libres
Le volume dans le lecteur C s'appelle XP-APIC
Le numéro de série du volume est 7EC3-37AE

Répertoire de C:\WINDOWS\system32

19/08/04 15:09 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 41 954 410 496 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle XP-APIC
Le numéro de série du volume est 7EC3-37AE

Répertoire de C:\WINDOWS\Downloaded Program Files

09/11/06 16:37 <REP> .
09/11/06 16:37 <REP> ..
31/03/03 11:23 65 desktop.ini
26/07/02 08:13 24 576 dwusplay.dll
26/07/02 08:13 196 608 dwusplay.exe
10/06/04 13:17 729 HDPlugin1018.inf
11/08/05 15:30 417 792 isusweb.dll
25/08/03 18:12 1 096 iuctl.inf
29/05/03 14:00 160 864 messengerstatsclient.dll
20/01/00 15:25 1 162 Microsoft XML Parser for Java.osd
26/05/05 03:19 293 muweb.inf
29/05/03 14:00 86 112 solitaireshowdown.dll
27/03/06 12:00 5 019 swflash.inf
06/07/04 11:35 230 vxiewer.inf
24/08/04 13:13 307 WinadX.inf
26/05/05 03:19 291 wuweb.inf
14 fichier(s) 895 144 octets

Total des fichiers listés :
14 fichier(s) 895 144 octets
2 Rép(s) 41 954 410 496 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues




Liste des programmes installes

Économiseur d'écran Drapeaux de l'Union européenne
7-Zip 4.32
Ad-Aware SE Personal
Adobe Acrobat 4.0
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Download Manager 2.0 (Supprimer uniquement)
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Product/Adobe Studio Update 10/2001
Adobe Reader 7.0.5 - Français
Adobe Stock Photos 1.0
Adobe Stock Photos 1.0
AIDA32 v3.93
Archiveur WinRAR
AutoUpdate
AutoVue SolidModel Pro, Desktop Edition
AVG Anti-Spyware 7.5
AVI/MPEG/RM/WMV Joiner 4.81
AviSynth 2.5
Bureau Médias de Kazaa 2.6.7
C-Map PCMCIA and USB drivers
C-Map PCMCIA and USB drivers
C-Media 3D Audio
CCleaner (remove only)
Client du proxy Microsoft
Codeur Windows Media Série 9
Codeur Windows Media Série 9
Compel Adaptec WinASPI
CorelDRAW Graphics Suite X3
DivX
DivX Player
DVD-lab PRO 1.00
DVD Shrink 3.2
DVDFab Decrypter 2.9.7.9
EasyPHP 1.8
eMule
EPSON Logiciel imprimante
ES
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP
FileZilla (remove only)
FontNav
Free Download Manager 2.1
Fx Audio Converter
Google Earth
Help Workshop
HijackThis 1.99.1
HP Color LaserJet 4650
hp LaserJet 4250/4350
iGrafx System
InterBase 6.5
InterVideo WinDVD 4
IsoBuster 1.9.1
J2SE Runtime Environment 5.0 Update 6
Jasc Paint Shop Pro 9
Jasc Paint Shop Pro 9.01 Patch
Java 2 Runtime Environment, SE v1.4.2_05
JntMeego 0.2
la version d'évaluation de Namo WebCanvas
la version d'évaluation de Namo WebEdiotor 6
Lecteur Windows Media 11
LeechFTP
LimeWire PRO 4.10.9
LiveReg (Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation)
Macromedia Dreamweaver MX
Macromedia Extension Manager
Macromedia Flash Player 8
Macromedia Shockwave Player
McAfee VirusScan
MediaFACE 4.2
MediaFACE 4.2
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft Clipart Extra
Microsoft Data Access Components KB870669
Microsoft DirectX Transform optional components
Microsoft FrontPage 98
Microsoft IntelliPoint 5.2
Microsoft IntelliType Pro 5.0
Microsoft Office 97 Professional
Microsoft Publisher 2002
Microsoft SQL Server 7.0
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Morgan Stream Switcher
Mozilla Firefox (1.0)
Mozilla Firefox (1.0.7)
Mozilla Thunderbird (1.5)
Namo WebUtilities
NeoDivx 2006
Nero 6 Ultra Edition
Nimo Codecs Pack v4.33 (Remove Only)
Pack Vista Inspirat 1.1
PCI Audio Applications
PCI Audio Driver
Permis bateau façile.
PHP 5.0.5
Picasa 2
Platform
PowerQuest PartitionMagic 7.0 Demo
PR-Tracker
QuickTime
RealPlayer
Scitor Project Communicator - Team
Sentinel Protection Installer 7.0.0
Sentinel System Driver
SolidConverterPDF
Sony DVD Architect 2.0b
Sony Media Manager 2.0
Sony Vegas 6.0d
Spybot - Search & Destroy 1.4
Ulead COOL 3D Production Studio Trial
Update Manager
USB FP-Card Reader Drivers
USB FP-Card Reader Drivers
VBA
VBA (2720.8)
Video Fixer 3.23
Visionneuse Journal Windows Microsoft
WebFldrs XP
Win AVI HelixSDK
Winamp (remove only)
WinAVI VideoConverter
Windows Defender Signatures
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 2
WinHTTrack Website Copier 3.40-2
x264 Revision 468 x264.nl (remove only)
XviD & MP3 Codec Pack (remove only)
XviD 1.1 final uninstall
Yahoo! Toolbar
Yahoo! Toolbar avec bloqueur de fenêtres pop-up



Le volume dans le lecteur C s'appelle XP-APIC
Le numéro de série du volume est 7EC3-37AE

Répertoire de C:\Program Files

09/11/06 15:43 <REP> .
09/11/06 15:43 <REP> ..
23/11/05 15:51 <REP> 4U Computing
01/06/06 06:45 <REP> 7-Zip
22/08/06 07:27 <REP> a-squared
15/06/05 10:57 <REP> ACD Systems
27/09/06 07:45 <REP> Adobe
15/03/05 11:41 <REP> Ahead
31/01/06 13:31 <REP> AIDA32 - Enterprise System Information
14/09/06 14:29 <REP> av
24/05/05 08:29 <REP> AVI MPEG RM WMV Joiner
23/11/05 15:37 <REP> AviSynth 2.5
13/07/06 10:52 <REP> Borland
12/10/06 10:38 <REP> C-Map
26/09/05 13:03 <REP> C-Media 3D Audio
09/11/06 15:43 <REP> CCleaner
25/09/06 11:06 <REP> CDBurnerXP Pro 3
09/11/06 14:23 <REP> CM93_Ed3 & S57
14/02/05 13:32 <REP> Common Files
20/09/06 10:18 <REP> Corel
10/03/05 09:27 <REP> CS Odessa
17/07/06 14:45 <REP> DC++
09/11/06 14:50 <REP> DeluxeCommunications
13/09/04 13:06 <REP> DivX
04/05/04 09:56 <REP> DivXCodec
23/09/04 08:26 <REP> DVD Shrink
01/06/06 06:53 <REP> DVDFab Decrypter
23/11/05 16:05 <REP> DVDlabPro
11/10/06 08:24 <REP> Earth Resource Mapping
25/04/06 10:15 <REP> EasyDVDRip
23/02/06 12:06 <REP> EasyPHP1-8
19/04/06 13:11 <REP> ElcomSoft
10/11/06 09:50 <REP> eMule
28/01/05 07:57 <REP> EPSON
16/02/06 11:57 <REP> Fellowes
09/11/06 14:28 <REP> Fichiers communs
01/06/04 14:57 <REP> FileZilla
21/09/06 08:27 <REP> Free Download Manager
05/10/06 15:23 <REP> Fugawi
23/11/05 16:00 <REP> Fx Audio Conveter
15/11/05 17:11 <REP> Google
09/11/06 09:21 <REP> Grisoft
02/10/06 15:54 <REP> GT Interactive
26/09/06 10:18 <REP> GXTranscoder v2
21/09/06 07:39 <REP> Help Workshop
02/02/06 08:53 <REP> Hewlett-Packard
07/01/04 10:47 <REP> HighMAT CD Writing Wizard
24/05/05 08:19 <REP> HT Video Splitter & Joiner 2.0 Shareware
12/10/06 10:22 <REP> I&M
15/09/05 13:03 <REP> IGC
31/03/03 15:19 <REP> iGrafx
22/03/06 16:13 <REP> Internet Explorer
15/11/04 14:43 <REP> InterVideo
16/12/04 07:58 <REP> Iomega
14/11/05 09:10 <REP> IrfanView
23/02/06 09:47 <REP> Jasc Software Inc
28/02/06 12:11 <REP> Java
17/08/06 09:48 <REP> JntMeego
22/08/06 07:34 <REP> jv16 PowerTools 2005
21/09/06 08:27 <REP> Label Creator
16/12/05 11:04 <REP> Lavasoft
03/02/06 14:12 <REP> Le Catalogue Radiospares
23/02/06 10:01 <REP> LeechFTP
21/09/06 08:27 <REP> LimeWire
02/06/05 07:33 <REP> Macromedia
09/10/06 07:30 <REP> MaxSea International
15/12/04 14:10 <REP> MDBTask
23/02/06 08:12 <REP> MediaFACE
09/11/06 14:00 <REP> Messenger
29/08/06 16:45 <REP> MessengerDiscovery
22/08/06 07:37 <REP> Microsoft ActiveSync
14/03/06 08:48 <REP> Microsoft AntiSpyware
31/03/03 15:22 <REP> microsoft frontpage
05/04/05 16:02 <REP> Microsoft IntelliPoint
05/04/05 09:29 <REP> Microsoft IntelliPoint 4.1
05/04/05 15:59 <REP> Microsoft IntelliPoint 5.2
05/05/04 07:49 <REP> Microsoft IntelliType Pro
05/05/04 07:49 <REP> Microsoft IntelliType Pro 5.0
14/05/04 10:13 <REP> Microsoft Office
28/08/06 16:12 <REP> Microsoft SQL Server
25/04/06 10:34 <REP> Morgan
21/09/06 08:27 <REP> Movie Maker
16/02/06 11:44 <REP> Mozilla Firefox
10/11/06 09:38 <REP> Mozilla Thunderbird
31/03/03 11:21 <REP> MSN
31/03/03 11:20 <REP> MSN Gaming Zone
09/11/06 14:35 <REP> MSN Messenger
23/02/06 09:48 <REP> Namo
25/04/06 10:36 <REP> neodivx2006
18/03/05 08:24 <REP> NETGEAR
29/09/05 14:19 <REP> NetMeeting
03/02/06 14:02 <REP> Netscape
29/07/04 15:44 <REP> Network Associates
11/05/04 15:46 <REP> NimoCodec Pack
22/03/06 16:13 <REP> Outlook Express
09/03/05 16:10 <REP> Palm
01/04/03 07:36 <REP> PCI Audio Applications
02/06/06 06:52 <REP> Picasa2
04/03/05 15:12 <REP> PocketDivx
07/02/06 09:45 <REP> PR-Tracker
21/03/05 16:54 <REP> ProgeSOFT
06/01/06 16:00 <REP> Quark
18/10/04 10:02 <REP> QuickTime
21/08/06 08:47 <REP> ReaConverter 4.0 Pro
14/11/05 09:09 <REP> ReaJpeg12
26/11/04 11:14 <REP> Real
19/10/05 08:49 <REP> ReaSoft
23/02/06 09:17 <REP> RegCleaner
17/03/05 08:46 <REP> Rename-It!
26/09/06 10:17 <REP> ReNamer
09/10/06 07:36 <REP> SafeNet Sentinel
15/09/04 14:05 <REP> Scitor
05/10/06 09:36 <REP> SeaClear
06/10/06 13:34 <REP> SentEmul
31/03/03 11:23 <REP> Services en ligne
31/05/06 15:57 <REP> SlySoft
22/09/06 13:03 <REP> Smart Projects
15/03/05 09:57 <REP> SoftET Koule 1.1
19/10/05 12:38 <REP> Softinterface, Inc
16/07/04 07:20 <REP> SolidDocuments
05/05/04 10:41 <REP> Sonic
28/08/06 16:09 <REP> Sony
28/08/06 14:36 <REP> Sony Setup
26/09/06 10:21 <REP> Spybot - Search & Destroy
22/08/06 08:04 <REP> Symantec
22/08/06 07:37 <REP> Teleport Pro
11/10/06 08:53 <REP> Transas
26/09/05 13:55 <REP> VIA
17/03/05 11:43 <REP> videofixer
02/06/04 10:06 <REP> virtual_Dub
28/08/06 16:10 <REP> Vstplugins
17/03/05 11:43 <REP> Winad Client
16/02/06 11:58 <REP> Winamp
25/04/06 10:35 <REP> WinASPI
18/07/05 13:31 <REP>

Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
afideg 9004Messages postés 10 octobre 2005Date d'inscription 31 mai 2012Dernière intervention 10 nov. 2006 à 12:26
Up
Juste pour suivre

Merci
;)

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
Fred56 10 nov. 2006 à 14:24
Désolé je ne comprends pas ?

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
Malekal_morte- 14781Messages postés 17 mai 2006Date d'inscription 22 mai 2012Dernière intervention 10 nov. 2006 à 14:39
Le rapport Diaghelp n'es tpas entier.

As-tu essayé de désinstaller Deluxecommunications par ajout/suppression de programmes ?
Si oui et que ça n'a pas fonctionné, fais ceci :

Sur HiJackThis, refais un scan et coches les lignes suivantes :

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O20 - AppInit_DLLs: dxclib303562752.dll

---> puis clic sur le bouton "Fix Checked"
n'hésite pas à consulter le lien d'aide : http://www.malekal.com/tutorial_HijackThis.html

Redémarre l'ordinateur

-- Ouvre le poste de travail
-- Clic sur le menu outils en haut à droite puis options des dossiers
-- Dans la nouvelle fenêtre, clic sur l'onglet Affichage en haut
-- Coche dans la liste "Afficher les fichiers cachés"
-- Décoche "masquer les fichier proteger du systeme d exploitation (recommandée)"
-- Tu vas recevoir un message qui te dit que cela peut endommager le système, n'en tiens pas compte.

Supprime :
C:\WINDOWS\System32\dxclib303562752.dll
C:\WINDOWS\System32\bkd.exe
C:\Program Files\DeluxeCommunications


Puis :

Ouvre internet explorer --> Outils --> Options internet --> onglet "sécurité" --> Valide "niveau par défaut".
Toujours sur Internet explorer --> Outils --> Options internet --> onglet "avancé" --> valide "Paramètres par défaut".

Pour effectuer les scans, désactive ton antivirus, logiciels de protections et logiciels pouvant bloquer les popups (barres Google, barres Yahoo etc..).


- Fais un http://www.pandasoftware.com/products/activescan.htm en [u]désactivant[/u] ton antivirus pendant le scan!
(Si tu es perdu, tu peux suivre ce tuto : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId237368]
- Copie/colle le rapport panda ici

 Ajouter un commentaire - Site web
Ajouter un commentaire
Réponse
+0
moins plus
Fred56 10 nov. 2006 à 14:59
tout cela en mode normal ou sans echec?

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
Malekal_morte- 14781Messages postés 17 mai 2006Date d'inscription 22 mai 2012Dernière intervention 19 nov. 2006 à 12:27
Non sauf si tu n'arrives pas à supprimer les fichiers/dossiers.

 Ajouter un commentaire - Site web
Ajouter un commentaire
Posez votre question
Ce document intitulé « [Virus] cmdservice » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.
Dossier à la une
Passage au tout numérique : quel coût pour les particuliers ?