Rapport hijackthis ou comment eradiquer deluxe communication

robu · le 24 octobre 2006

un pote a moi ne cesse d avoir des popup intempestifs et quelques fois des fenetres win antivirus

y a egalement un dossier dans programm files deluxe communication impossible d effacer et qui ne cesse de vouloir acceder a internet

voila le rapport hijackthis

Logfile of HijackThis v1.99.1

Scan saved at 23:40:03, on 22/10/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\HijackThis\HijackThis.exe

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall\outpost.exe" /waitservice

O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

O4 - HKLM\..\RunServices: [msvcc25] svcchost.exe

O4 - HKLM\..\RunServices: [Microsoft Telecoms Center] winupcd.exe

O4 - HKLM\..\RunServices: [mysvcig38] mysvcc.exe

O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

O4 - Startup: AdsGone.lnk = C:\Program Files\AdsGone\adsgone.exe

O4 - Global Startup: AdsGone 2006.lnk = C:\Program Files\AdsGone\adsgone.exe

O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm

O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1161187078072

O20 - AppInit_DLLs: dxclib303562752.dll

O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Microsoft Logon Service - Unknown owner - C:\WINDOWS\System32\dllcache\mslogon.exe (file missing)

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

O23 - Service: Win32 Login Service (Win32 Login) - Unknown owner - C:\WINDOWS\win32logon.exe

merci pour votre aide

Modifié le 24 octobre 2006 par robu

bruce lee · le 25 octobre 2006

bonjour robu et bienvenue sur zebulon

1. Télécharge combofix.exe (par sUBs) sur ton Bureau

2. Double clique combofix.exe et suis les invites.

3. Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

@+

metziarr · le 14 novembre 2006

je up car j'ai exactement le meme probleme que le créateur du topic...

voici mon rapport combofix :

ComboFix 06.11.9 - Running from: "C:\Program Files\Mozilla Firefox"

((((((((((((((((((((((((((((((((((((((((((( E-Give / Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Documents and Settings\manoa henrytos\Application Data\Dxcknwrd.dll

* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\mc-110-12-0000730.exe

C:\WINDOWS\system32\aaa00000.sys

C:\WINDOWS\uninstall_nmon.vbs

C:\Documents and Settings\LocalService\Application Data\NetMon

C:\Program Files\Deskbar

C:\Program Files\network monitor

C:\Program Files\Fichiers communs\{889BA193-07CF-1036-0529-021203200020}

((((((((((((((((((((((((((((((( Files Created from 2006-10-14 to 2006-11-14 ))))))))))))))))))))))))))))))))))

2006-11-14 22:50 816,672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys

2006-11-14 22:50 4,224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys

2006-11-14 22:50 3,968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys

2006-11-14 22:50 28,416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys

2006-10-16 17:12 53,248 --a------ C:\WINDOWS\system32\Process.exe

2006-10-16 17:12 42,496 --a------ C:\WINDOWS\system32\swreg.exe

2006-10-16 17:12 40,960 --a------ C:\WINDOWS\system32\swsc.exe

2006-10-16 17:12 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe

2006-10-15 13:34 65,536 --a------ C:\WINDOWS\system32\EPPicMgr.dll

2006-10-15 13:34 483,328 --a------ C:\WINDOWS\system32\PICSDK.dll

2006-10-15 13:34 114,688 --a------ C:\WINDOWS\system32\EpPicPrt.dll

2006-10-15 13:33 98,304 --a------ C:\WINDOWS\system32\E_SAGSET.DLL

2006-10-15 13:33 79,622 --a------ C:\WINDOWS\system32\EBPMON24.DLL

2006-10-15 13:33 64,000 --a------ C:\WINDOWS\system32\ECBTEG.DLL

2006-10-15 13:33 34,304 --a------ C:\WINDOWS\system32\EBPCHP.DLL

2006-10-15 13:33 31,744 --a------ C:\WINDOWS\system32\E_DCINST.DLL

2006-10-15 13:33 24,832 --a------ C:\WINDOWS\system32\drivers\usbprint.sys

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-11-14 23:00 -------- d-------- C:\Program Files\Fichiers communs

2006-11-14 22:59 -------- d-------- C:\Program Files\Mozilla Firefox

2006-11-14 22:52 -------- d-------- C:\Documents and Settings\manoa henrytos\Application Data\AVG7

2006-11-14 22:50 -------- d-------- C:\Program Files\Grisoft

2006-11-14 22:45 -------- d-------- C:\Program Files\ewido anti-spyware 4.0

2006-11-10 00:40 -------- d-------- C:\Program Files\Championship Manager 99-00

2006-11-06 19:07 -------- d-------- C:\Program Files\Winamp

2006-11-05 23:38 -------- d-------- C:\Documents and Settings\manoa henrytos\Application Data\vlc

2006-11-05 23:25 -------- d-------- C:\Program Files\VideoLAN

2006-11-05 23:19 -------- d-------- C:\Program Files\Matroska Playback Pack

2006-11-05 02:42 -------- d---s---- C:\Documents and Settings\manoa henrytos\Application Data\Microsoft

2006-11-05 02:22 -------- d-------- C:\Documents and Settings\manoa henrytos\Application Data\Real

2006-11-05 02:20 -------- d-------- C:\Program Files\Real

2006-11-05 02:20 -------- d-------- C:\Program Files\Fichiers communs\xing shared

2006-11-05 02:20 -------- d-------- C:\Program Files\Fichiers communs\Real

2006-10-30 23:58 -------- d-------- C:\Documents and Settings\manoa henrytos\Application Data\Mozilla

2006-10-27 10:22 -------- d--h----- C:\Program Files\InstallShield Installation Information

2006-10-27 10:22 -------- d-------- C:\Program Files\Google

2006-10-27 10:22 -------- d-------- C:\Documents and Settings\manoa henrytos\Application Data\Google

2006-10-27 10:18 -------- d-------- C:\Program Files\CCleaner

2006-10-19 14:50 -------- d-------- C:\Program Files\LimeWire

2006-10-19 01:43 -------- d-------- C:\Documents and Settings\manoa henrytos\Application Data\Ahead

2006-10-19 01:28 -------- d-------- C:\Program Files\Fichiers communs\Ahead

2006-10-19 01:27 -------- d-------- C:\Program Files\Nero

2006-10-16 17:31 -------- d-------- C:\Program Files\eMule

2006-10-15 14:10 -------- d-------- C:\Documents and Settings\manoa henrytos\Application Data\Help

2006-10-15 14:02 -------- d-------- C:\Documents and Settings\manoa henrytos\Application Data\EPSON

2006-10-15 13:36 -------- d-------- C:\Program Files\Fichiers communs\InstallShield

2006-10-15 13:34 -------- d-------- C:\Program Files\EPSON

2006-10-13 00:22 0 --a------ C:\WINDOWS\system32\27031_redworld.exe

2006-10-13 00:12 -------- d-------- C:\Documents and Settings\manoa henrytos\Application Data\uTorrent

2006-10-12 23:59 -------- d-------- C:\Program Files\uTorrent

2006-10-08 15:08 -------- d-------- C:\Program Files\Web media Player

2006-10-08 15:08 -------- d-------- C:\Program Files\Ares

2006-10-08 15:07 -------- d-------- C:\Program Files\DivX

2006-10-02 16:39 -------- d-------- C:\Program Files\NetMeeting

2006-10-02 16:32 -------- d-------- C:\Program Files\MSN Messenger

2006-09-24 11:47 -------- d-------- C:\Program Files\VirtualDJ

2006-09-24 11:25 -------- d-------- C:\Program Files\adslTV

2006-09-10 16:41 0 --a------ C:\WINDOWS\system32\eraseme_07611.exe

2006-09-06 14:49 0 --a------ C:\WINDOWS\system32\eraseme_20518.exe

2006-08-25 13:26 138 --a------ C:\Program Files\INSTALL.LOG

2006-08-24 23:10 62 --ahs---- C:\Documents and Settings\manoa henrytos\Application Data\desktop.ini

2006-08-24 22:48 1233 --a------ C:\WINDOWS\system32\ncw80004.sys

2006-08-24 22:35 44 --a------ C:\WINDOWS\system32\msssc.dll

2006-08-24 22:25 0 -rahs---- C:\MSDOS.SYS

2006-08-24 22:25 0 -rahs---- C:\IO.SYS

2006-08-24 22:25 0 --a------ C:\CONFIG.SYS

2006-08-24 22:25 0 --a------ C:\AUTOEXEC.BAT

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"ctfmon.exe"="C:\\WINDOWS\\System32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"

"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]

"DeskHtmlVersion"=dword:00000110

"DeskHtmlMinorVersion"=dword:00000005

"Settings"=dword:00000001

"GeneralFlags"=dword:00000004

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

"fzwi"="C:\\Program Files\\Fichiers communs\\fzwi\\fzwim.exe"

"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

"fzwi"="C:\\Program Files\\Fichiers communs\\fzwi\\fzwim.exe"

"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\Run]

"{889BA193-07CF-1036-0529-021203200020}"="\"C:\\Program Files\\Fichiers communs\\{889BA193-07CF-1036-0529-021203200020}\\Update.exe\" mc-110-12-0000730"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer\Run]

"{889BA193-07CF-1036-0529-021203200020}"="\"C:\\Program Files\\Fichiers communs\\{889BA193-07CF-1036-0529-021203200020}\\Update.exe\" mc-110-12-0000730"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]

"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"

"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"

"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"

"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20061113-171335-882

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

backup-20061113-171335-750

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

backup-20061113-171335-615

O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

backup-20061113-171335-229

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

backup-20061113-171335-498

O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

backup-20061113-171335-743

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

backup-20061113-171335-414

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

backup-20061113-171335-260

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

backup-20061113-171335-239

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll

backup-20061103-113717-680

O23 - Service: Local Network Service (algs) - Unknown owner - C:\WINDOWS\scvh0st.exe (file missing)

backup-20061103-113707-921

O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

backup-20061103-113707-827

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll

backup-20061103-113707-285

O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

backup-20061016-180557-331

O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)

backup-20061016-180557-122

O23 - Service: Local Network Service (algs) - Unknown owner - C:\WINDOWS\scvh0st.exe (file missing)

backup-20061016-180557-150

O23 - Service: Microsoft Star Window Service - Unknown owner - C:\WINDOWS\System32\dllcache\starwin32.exe

backup-20061016-180554-976

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

backup-20061016-180554-588

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

backup-20061016-180554-527

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

backup-20061016-180554-487

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

backup-20061016-180554-561

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

backup-20061016-180554-400

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

backup-20061016-180554-246

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

backup-20061016-180554-599

O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

backup-20061016-180554-541

O4 - HKCU\..\Run: [EPSON Stylus C48 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXE /P23 "EPSON Stylus C48 Series" /M "Stylus C48" /EF "HKCU"

backup-20061016-180554-979

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

backup-20061016-180554-364

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

backup-20061016-180554-476

O4 - HKLM\..\Run: [EPSON Stylus C48 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXE /P23 "EPSON Stylus C48 Series" /O6 "USB001" /M "Stylus C48"

backup-20061016-180554-950

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

backup-20061016-180554-398

O4 - HKLM\..\Run: [newname] C:\\nwnmff_e28.exe

backup-20061016-180554-330

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC

backup-20061016-180554-570

O4 - HKLM\..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32

backup-20061016-180554-704

O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe

backup-20061016-180554-903

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

backup-20061016-180554-796

O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe

backup-20061016-180554-473

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

backup-20061016-180554-465

O4 - HKLM\..\Run: [DrvListnr] C:\Program Files\Analog Devices\SoundMAX\DrvListnr.exe

backup-20061016-180554-458

O4 - HKLM\..\Run: [WinDLL (dsaxd.dll)] rundll32.exe C:\WINDOWS\System32\dsaxd.dll,start

backup-20061016-180554-420

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

backup-20061016-180554-213

O4 - HKLM\..\Run: [ncw80004] RUNDLL32.EXE w00a5ae1.dll,n 003800010000000a00a5ae1

backup-20061016-180554-206

O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_e29.exe

backup-20061016-180554-144

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe

backup-20061016-180554-597

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName

backup-20061016-180554-127

O4 - HKLM\..\Run: [defender] C:\\dfndrff_e29.exe

backup-20061016-180554-581

R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll

backup-20061016-180554-360

F2 - REG:system.ini: UserInit=userinit.exe

backup-20061016-180554-726

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

backup-20061016-180554-755

O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)

Completion time: 06-11-14 23:01:11.98

C:\ComboFix.txt ... 06-11-14 23:01

que faire à présent ?

bruce lee · le 15 novembre 2006

bonjour metziarr,

créer ton propre sujet s'il te plait.

Connexion

Pas encore inscrit ?

Rapport hijackthis ou comment eradiquer deluxe communication

Messages recommandés

robu

Lien vers le commentaire

Partager sur d’autres sites

bruce lee

Lien vers le commentaire

Partager sur d’autres sites

metziarr

Lien vers le commentaire

Partager sur d’autres sites

bruce lee

Lien vers le commentaire

Partager sur d’autres sites

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer