

Everything posted by metziarr
-
Still the same untimely problems on this subject, pop-ups and other blockages, etc. Here is my ComboFix report:

What should I do now?
-
HijackThis report, or how to eradicate Deluxe Communication
metziarr replied to a topic by robu in Malware analysis and eradication
I'm bumping this because I have exactly the same problem as the topic's creator... Here is my ComboFix report:

What should I do now?