Bonjours à tout le monde !!

Je viens demander un peu d'aide après avoir essayé pas mal de choses afin d'arreter ces popup intempestifs et genant.

J'ai donc analyser mon pc avec Norton Antivirus 2006, Ad-Aware SE, AVG, AVG AS et je l'ai nettoyé avec regcleaner et Ccleaner ==> en vain, les popup persistent

Si quelqun pouvait m'aider ou me renseigner, sa ne serait pas de refus...

Je poste le log Hijackthis :

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:36:58, on 01/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\Jean-Luc\Bureau\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: (no name) - {40586058-DC9B-4458-9105-4C54B704502B} - C:\WINDOWS\system32\jkhfd.dll
O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\WINDOWS\system32\cgmopenbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {C5E02D55-E7B6-4AD1-8140-D418D409A047} - (no file)
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - (no file)
O2 - BHO: (no name) - {DE3BEBDB-AEE7-4277-8B6E-4EEFFA9508AE} - (no file)
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Microsoft QMGR] msnqmgr.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\pfwfijlt.dll",realset
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [Microsoft QMGR] msnqmgr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Updater] C:\Program Files\Carpe Diem\msx\CDUpdater.exe CD_UPDATER
O4 - HKCU\..\Run: [C:\WINDOWS\System32\icaletu.dll] C:\WINDOWS\System32\icaletu.dll /c del ÉÂ >nul
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2.fr/startpage/dialup/fr/
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.0_03) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{55CE7DDF-F1E6-45F8-B820-7D29739DF56D}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: ddcawut - ddcawut.dll (file missing)
O20 - Winlogon Notify: jkhfd - C:\WINDOWS\system32\jkhfd.dll
O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 14037 bytes

Voila...
Bonne fin de journée a tous et bonne semaine !!

Bonjour

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
http://www.atribune.org/ccount/click.php?id=4

* Double-clique VundoFix.exe afin de le lancer.
* Lorsque l'outil se lance à nouveau, clique sur le bouton Scan for Vundo
* Clique sur le bouton Scan for Vundo.
* Lorsque le scan est complété, clique sur le bouton Remove Vundo.
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
* Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown" ); clique OK
* Démarre ton PC à nouveau.
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

Voici mon rapport VundoFix :

VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 18:41:48 01/05/2007

Listing files found while scanning....

C:\WINDOWS\system32\dfhkj.bak1
C:\WINDOWS\system32\dfhkj.bak2
C:\WINDOWS\system32\dfhkj.ini
C:\WINDOWS\system32\dfhkj.ini2
C:\WINDOWS\system32\dfhkj.tmp
C:\WINDOWS\system32\jkhfd.dll
C:\WINDOWS\system32\pfwfijlt.dll
C:\WINDOWS\system32\tljifwfp.ini

Beginning removal...

Attempting to delete C:\WINDOWS\system32\dfhkj.bak1
C:\WINDOWS\system32\dfhkj.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\dfhkj.bak2
C:\WINDOWS\system32\dfhkj.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\dfhkj.ini
C:\WINDOWS\system32\dfhkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\dfhkj.ini2
C:\WINDOWS\system32\dfhkj.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\dfhkj.tmp
C:\WINDOWS\system32\dfhkj.tmp Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkhfd.dll
C:\WINDOWS\system32\jkhfd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pfwfijlt.dll
C:\WINDOWS\system32\pfwfijlt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tljifwfp.ini
C:\WINDOWS\system32\tljifwfp.ini Has been deleted!

Performing Repairs to the registry.
Done!


Et celui de HijackThis :

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19:18:03, on 01/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Norton AntiVirus\NAVW32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\François\Bureau\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.tele2.fr/startpage/dialup/fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: (no name) - {40586058-DC9B-4458-9105-4C54B704502B} - C:\WINDOWS\system32\jkhfd.dll (file missing)
O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\WINDOWS\system32\cgmopenbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {DE3BEBDB-AEE7-4277-8B6E-4EEFFA9508AE} - (no file)
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Microsoft QMGR] msnqmgr.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\pfwfijlt.dll",realset
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [Microsoft QMGR] msnqmgr.exe
O4 - HKCU\..\Run: [JBumRSYFX] wpnispl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1920743961-3412159194-287554101-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Jean-Luc')
O4 - HKUS\S-1-5-21-1920743961-3412159194-287554101-1005\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User 'Jean-Luc')
O4 - HKUS\S-1-5-21-1920743961-3412159194-287554101-1005\..\Run: [gStart] C:\Garmin\gStart.exe (User 'Jean-Luc')
O4 - HKUS\S-1-5-21-1920743961-3412159194-287554101-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Lydia')
O4 - HKUS\S-1-5-21-1920743961-3412159194-287554101-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Anne')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2.fr/startpage/dialup/fr/
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.0_03) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{55CE7DDF-F1E6-45F8-B820-7D29739DF56D}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: ddcawut - ddcawut.dll (file missing)
O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 13669 bytes


Par contre, au redemarrage de Windows, un message d'erreur est apparu : " erreur de chargement C:\windows\system32\pfwfilt.dll le module spécifié est introuvable"

Voila, merci d'avance

Encore quelques fichiers Vundo. C'est pour cela que tu as cette alerte.
Mais il y a aussi d'autres infections.

Tu as deux antivirus, Norton et AVG7. Il y a risque de conflit.
Désinstalle et supprime en un.

On continue.

• Double-clique VundoFix.exe afin de le lancer.

---> Ne clique pas sur "Scan for Vundo"

• Fais un clic droit dans la fenêtre blanche et clique "Add more files?"
• Dans la nouvelle fenêtre qui apparait, Copie/colle le chemin du fichier suivant dans la première case (au haut):

C:\WINDOWS\system32\cgmopenbho.dll

• Copie/colle le chemin du fichier suivant dans la seconde case (au centre):

C:\WINDOWS\system32\pfwfijlt.dll

• Clique sur le bouton "Add File(s)"
• Clique sur le bouton "Close Window"
• Clique à nouveau sur "Remove Vundo"
• Une invite te demandera si tu veux supprimer les fichiers, clique YES
• Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
• Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown" ); clique OK
• Démarre ton PC à nouveau.

Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.


Fais aussi ceci.


Télécharge DiagHelp.zip (de Malekal_Morte) sur ton bureau
http://www.malekal.com/download/DiagHelp.zip
- Fais un clic droit sur le fichier et extraire tout
- Un nouveau dossier chercher va être créé DiagHelp
- Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
- Une fenêtre va s'ouvrir, choisis l'option 1
- L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
- A la fin de l'analyse, il te sera peut-être redemandé de redémarrer l'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt
- Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-- A nouveau menu Edition / copier
-- Dans un nouveau message ici, faire un clic droit / coller


Télécharge SmitfraudFix de S!Ri:
http://siri.urz.free.fr/Fix/SmitfraudFix.php
Tu le dézippes sur le Bureau.
Tu ouvres SmitfraudFix, tu double cliques sur SmitfraudFix.cmd et tu choisis l’option 1
Poste le rapport.

D'accord, merci pour ces explications.

Voici le rapport de Hijackthis :

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:12:29, on 01/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\François\Bureau\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.tele2.fr/startpage/dialup/fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: (no name) - {40586058-DC9B-4458-9105-4C54B704502B} - C:\WINDOWS\system32\jkhfd.dll (file missing)
O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\WINDOWS\system32\cgmopenbho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {DE3BEBDB-AEE7-4277-8B6E-4EEFFA9508AE} - (no file)
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Microsoft QMGR] msnqmgr.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\pfwfijlt.dll",realset
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [Microsoft QMGR] msnqmgr.exe
O4 - HKCU\..\Run: [JBumRSYFX] wpnispl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2.fr/startpage/dialup/fr/
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.0_03) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{55CE7DDF-F1E6-45F8-B820-7D29739DF56D}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: ddcawut - ddcawut.dll (file missing)
O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 12097 bytes

Le rapport Vundo :

VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 18:41:48 01/05/2007

Listing files found while scanning....

C:\WINDOWS\system32\dfhkj.bak1
C:\WINDOWS\system32\dfhkj.bak2
C:\WINDOWS\system32\dfhkj.ini
C:\WINDOWS\system32\dfhkj.ini2
C:\WINDOWS\system32\dfhkj.tmp
C:\WINDOWS\system32\jkhfd.dll
C:\WINDOWS\system32\pfwfijlt.dll
C:\WINDOWS\system32\tljifwfp.ini

Beginning removal...

Attempting to delete C:\WINDOWS\system32\dfhkj.bak1
C:\WINDOWS\system32\dfhkj.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\dfhkj.bak2
C:\WINDOWS\system32\dfhkj.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\dfhkj.ini
C:\WINDOWS\system32\dfhkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\dfhkj.ini2
C:\WINDOWS\system32\dfhkj.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\dfhkj.tmp
C:\WINDOWS\system32\dfhkj.tmp Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkhfd.dll
C:\WINDOWS\system32\jkhfd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pfwfijlt.dll
C:\WINDOWS\system32\pfwfijlt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tljifwfp.ini
C:\WINDOWS\system32\tljifwfp.ini Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\cgmopenbho.dll
C:\WINDOWS\system32\cgmopenbho.dll Has been deleted!

Performing Repairs to the registry.
Done!

Les resultats de DiagHelp :

C:\WINDOWS\System32/drivers\SYMEVENT.SYS -->30/04/2007 19:47:56
C:\WINDOWS\System32/drivers\SYMEVENT.INF -->30/04/2007 19:47:56
C:\WINDOWS\System32/drivers\SYMEVENT.CAT -->30/04/2007 19:47:56
C:\WINDOWS\System32/drivers\k750wh.sys -->28/04/2007 14:01:56
C:\WINDOWS\System32/drivers\k750cm.sys -->28/04/2007 14:01:51
C:\WINDOWS\System32/drivers\symtdi.sys -->28/03/2007 18:51:48
C:\WINDOWS\System32/drivers\symredrv.sys -->28/03/2007 18:51:42

C:\WINDOWS\System32\wpa.dbl -->01/05/2007 19:59:31
C:\WINDOWS\System32\nvapps.xml -->01/05/2007 19:58:06
C:\WINDOWS\System32\S32EVNT1.DLL -->30/04/2007 19:47:56
C:\WINDOWS\System32\mcrh.tmp -->30/04/2007 13:44:23
C:\WINDOWS\System32\jupdate-1.6.0_01-b06.log -->21/04/2007 15:09:27
C:\WINDOWS\System32\FNTCACHE.DAT -->04/04/2007 19:08:23
C:\WINDOWS\System32\MRT.exe -->03/04/2007 22:48:52
C:\WINDOWS\System32\SymNeti.dll -->28/03/2007 18:51:54
C:\WINDOWS\System32\SymRedir.dll -->28/03/2007 18:51:52
C:\WINDOWS\System32\perfh00C.dat -->25/03/2007 10:57:56
C:\WINDOWS\System32\perfh009.dat -->25/03/2007 10:57:56
C:\WINDOWS\System32\perfc00C.dat -->25/03/2007 10:57:56
C:\WINDOWS\System32\perfc009.dat -->25/03/2007 10:57:56
C:\WINDOWS\System32\PerfStringBackup.INI -->25/03/2007 10:57:55
C:\WINDOWS\System32\winsrv.dll -->17/03/2007 15:44:47
C:\WINDOWS\System32\javaws.exe -->14/03/2007 02:04:46
C:\WINDOWS\System32\javacpl.cpl -->14/03/2007 02:04:46
C:\WINDOWS\System32\javaw.exe -->14/03/2007 00:31:28
C:\WINDOWS\System32\java.exe -->14/03/2007 00:31:24
C:\WINDOWS\System32\xpsp3res.dll -->09/03/2007 13:51:20
C:\WINDOWS\System32\user32.dll -->08/03/2007 17:37:50
C:\WINDOWS\System32\mf3216.dll -->08/03/2007 17:37:50
C:\WINDOWS\System32\gdi32.dll -->08/03/2007 17:37:50
C:\WINDOWS\System32\win32k.sys -->08/03/2007 17:33:58
C:\WINDOWS\System32\ntoskrnl.exe -->28/02/2007 18:02:36

C:\WINDOWS\0.log -->01/05/2007 19:58:34
C:\WINDOWS\WindowsUpdate.log -->01/05/2007 19:58:17
C:\WINDOWS\bootstat.dat -->01/05/2007 19:57:35
C:\WINDOWS\wiadebug.log -->01/05/2007 19:15:44
C:\WINDOWS\wiaservc.log -->01/05/2007 19:15:36
C:\WINDOWS\QTFont.qfn -->01/05/2007 18:17:05
C:\WINDOWS\tsc.ini -->01/05/2007 17:07:34
C:\WINDOWS\vsapi32.dll -->01/05/2007 16:30:34
C:\WINDOWS\tsc.ptn -->01/05/2007 16:30:34
C:\WINDOWS\tsc.exe -->01/05/2007 16:30:34
C:\WINDOWS\hcextoutput.dll -->01/05/2007 16:30:34
C:\WINDOWS\BPMNT.dll -->01/05/2007 16:30:33
C:\WINDOWS\VPTNFILE.445 -->01/05/2007 16:30:32
C:\WINDOWS\LPT$VPN.445 -->01/05/2007 16:30:32
C:\WINDOWS\GetServer.ini -->01/05/2007 16:24:07

C:\WINDOWS\AMUninst01c.exe |06/05/2006 12:24:00
C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe |26/02/2006 15:06:41
C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe |16/07/2006 08:34:36
C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe |21/02/2007 14:51:47
C:\WINDOWS\CDILLA10.EXE |31/08/2004 11:27:14
C:\WINDOWS\CDILLA16.EXE |31/08/2004 11:27:14
C:\WINDOWS\CDILLA64.EXE |31/08/2004 11:27:14
C:\WINDOWS\CMIRMDRV.EXE |20/08/2003 16:09:28
C:\WINDOWS\CmiRmRedundDir.exe |20/08/2003 16:09:23
C:\WINDOWS\CMIUninstall.exe |20/08/2003 16:09:23
C:\WINDOWS\HCXPKUCM.exe |23/03/2005 18:58:04
C:\WINDOWS\IsUn040c.exe |20/08/2003 15:05:03
C:\WINDOWS\IsUninst.exe |20/08/2003 15:51:02
C:\WINDOWS\iun6002.exe |24/08/2004 11:19:28
C:\WINDOWS\Matrix Code.exe |01/10/2004 20:39:25
C:\WINDOWS\PATCH.EXE |01/05/2007 16:23:43
C:\WINDOWS\runtsckl.exe |02/11/2005 18:07:12
C:\WINDOWS\slrundll.exe |20/08/2004 01:10:02
C:\WINDOWS\tsc.exe |01/05/2007 16:30:34
C:\WINDOWS\twunk_16.exe |20/08/2003 16:41:09
C:\WINDOWS\twunk_32.exe |20/08/2003 16:41:09
C:\WINDOWS\unin040c.exe |14/06/2004 19:12:26
C:\WINDOWS\uninst.exe |20/06/2004 13:38:55
C:\WINDOWS\unvise32.exe |21/08/2004 21:46:19
C:\WINDOWS\unvise32qt.exe |17/06/2004 13:28:49
C:\WINDOWS\UNWISE.EXE |21/08/2004 17:28:49
C:\WINDOWS\zipinst.exe |18/03/2007 12:42:05
C:\WINDOWS\_MSRSTRT.EXE |23/12/2005 20:34:52
C:\WINDOWS\AUDIO3D.DLL |20/08/2003 16:09:28
C:\WINDOWS\AuHCcup1.dll |23/07/1999 10:53:20
C:\WINDOWS\BPMNT.dll |01/05/2007 16:30:33
C:\WINDOWS\CDILLA05.DLL |31/08/2004 11:27:14
C:\WINDOWS\CDILLA13.DLL |31/08/2004 11:27:14
C:\WINDOWS\CDILLA32.DLL |31/08/2004 11:27:14
C:\WINDOWS\CDILLA40.DLL |31/08/2004 11:27:14
C:\WINDOWS\CMIDS3D.DLL |20/08/2003 16:09:28
C:\WINDOWS\CMIRmDriver.dll |20/08/2003 16:09:23
C:\WINDOWS\CMIRMDRV.DLL |20/08/2003 16:09:28
C:\WINDOWS\CMIWCNFG.DLL |20/08/2003 16:09:28
C:\WINDOWS\CMUDA.DLL |20/08/2003 16:09:28
C:\WINDOWS\exeshl.dll |28/04/2005 18:08:39
C:\WINDOWS\hcextoutput.dll |01/05/2007 16:30:34
C:\WINDOWS\impborl.dll |18/06/2004 18:41:39
C:\WINDOWS\loadhttp.dll |15/10/2002 14:29:40
C:\WINDOWS\mickey32.dll |18/09/2004 16:46:15
C:\WINDOWS\patchw32.dll |14/12/2001 13:34:46
C:\WINDOWS\Syskernel12.dll |13/08/2005 12:34:08
C:\WINDOWS\TMUPDATE.DLL |01/05/2007 16:23:44
C:\WINDOWS\twain.dll |20/08/2003 16:41:09
C:\WINDOWS\twain_32.dll |20/08/2003 16:41:09
C:\WINDOWS\UDAPROP.DLL |20/08/2003 16:09:28
C:\WINDOWS\UNZIP.DLL |01/05/2007 16:23:43
C:\WINDOWS\vsapi32.dll |01/05/2007 16:30:33
C:\WINDOWS\system32\append.exe |20/08/2003 16:40:19
C:\WINDOWS\system32\cmirmdrv.exe |20/08/2003 16:09:28
C:\WINDOWS\system32\debug.exe |20/08/2003 16:40:23
C:\WINDOWS\system32\dosx.exe |20/08/2003 16:40:24
C:\WINDOWS\system32\dvdplay.exe |23/08/2001 19:47:34
C:\WINDOWS\system32\edlin.exe |20/08/2003 16:40:34
C:\WINDOWS\system32\exe2bin.exe |20/08/2003 16:40:35
C:\WINDOWS\system32\fastopen.exe |20/08/2003 16:40:35
C:\WINDOWS\system32\FileOps.exe |11/11/2004 10:37:55
C:\WINDOWS\system32\InstMed.exe |26/02/2006 15:08:00
C:\WINDOWS\system32\ipdetect.exe |05/03/2005 19:17:07
C:\WINDOWS\system32\java.exe |21/04/2007 15:09:28
C:\WINDOWS\system32\javaw.exe |21/04/2007 15:09:28
C:\WINDOWS\system32\javaws.exe |21/04/2007 15:09:28
C:\WINDOWS\system32\keystone.exe |10/12/2005 03:06:00
C:\WINDOWS\system32\LVCOMSX.EXE |08/10/2004 12:52:32
C:\WINDOWS\system32\mem.exe |20/08/2003 16:40:45
C:\WINDOWS\system32\mscdexnt.exe |20/08/2003 16:40:48
C:\WINDOWS\system32\NeroCheck.exe |09/07/2001 12:50:42
C:\WINDOWS\system32\nlsfunc.exe |20/08/2003 16:40:55
C:\WINDOWS\system32\nvappbar.exe |10/12/2005 03:06:00
C:\WINDOWS\system32\nvcolor.exe |10/12/2005 03:06:00
C:\WINDOWS\system32\nvcplui.exe |01/06/2006 17:22:00
C:\WINDOWS\system32\nvdspsch.exe |10/12/2005 03:06:00
C:\WINDOWS\system32\nvsvc32.exe |10/12/2005 03:06:00
C:\WINDOWS\system32\nvudisp.exe |01/02/2006 21:03:06
C:\WINDOWS\system32\NVUNINST.EXE |01/02/2006 21:02:22
C:\WINDOWS\system32\nwiz.exe |10/12/2005 03:06:00
C:\WINDOWS\system32\pxcpya64.exe |25/06/2005 15:03:50
C:\WINDOWS\system32\pxcpyi64.exe |25/06/2005 15:03:50
C:\WINDOWS\system32\pxhpinst.exe |31/08/2004 11:30:15
C:\WINDOWS\system32\pxinsa64.exe |25/06/2005 15:03:50
C:\WINDOWS\system32\pxinsi64.exe |25/06/2005 15:03:50
C:\WINDOWS\system32\qttask.exe |12/11/2006 00:15:02
C:\WINDOWS\system32\redir.exe |20/08/2003 16:41:01
C:\WINDOWS\system32\setver.exe |20/08/2003 16:41:03
C:\WINDOWS\system32\share.exe |20/08/2003 16:41:03
C:\WINDOWS\system32\slrundll.exe |20/08/2004 01:10:02
C:\WINDOWS\system32\slserv.exe |20/08/2004 01:10:02
C:\WINDOWS\system32\SpoonUninstall.exe |20/02/2005 17:29:45
C:\WINDOWS\system32\unaddrv.exe |05/03/2005 19:17:03
C:\WINDOWS\system32\USB2k.exe |15/06/2005 14:11:59
C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 19:47:48
C:\WINDOWS\system32\usrprbda.exe |23/08/2001 19:47:48
C:\WINDOWS\system32\usrshuta.exe |23/08/2001 19:47:48
C:\WINDOWS\system32\WATERMILL 3D SCREENSAVER_.EXE |20/05/2005 18:58:16
C:\WINDOWS\system32\3ivx.dll |16/05/2005 10:48:50
C:\WINDOWS\system32\3ivxVfWC.dll |16/05/2005 10:48:50
C:\WINDOWS\system32\a3d.dll |20/08/2003 16:09:28
C:\WINDOWS\system32\ActPanel.dll |06/11/2004 13:15:51
C:\WINDOWS\system32\adadix16.dll |05/03/2005 19:17:03
C:\WINDOWS\system32\adadix2k.dll |05/03/2005 19:17:03
C:\WINDOWS\system32\adadix32.dll |05/03/2005 19:17:08
C:\WINDOWS\system32\amstream.dll |12/12/2002 00:14:32
C:\WINDOWS\system32\ati2cqag.dll |20/08/2004 01:09:19
C:\WINDOWS\system32\ati2dvaa.dll |20/08/2004 01:09:19
C:\WINDOWS\system32\ati2dvag.dll |20/08/2004 01:09:19
C:\WINDOWS\system32\ati3d1ag.dll |20/08/2004 01:09:19
C:\WINDOWS\system32\ati3duag.dll |20/08/2004 01:09:19
C:\WINDOWS\system32\ativtmxx.dll |20/08/2004 01:09:19
C:\WINDOWS\system32\ativvaxx.dll |20/08/2004 01:09:19
C:\WINDOWS\system32\atmfd.dll |20/08/2003 16:40:19
C:\WINDOWS\system32\atmlib.dll |20/08/2003 16:40:19
C:\WINDOWS\system32\Audio3D.dll |20/08/2003 16:09:28
C:\WINDOWS\system32\avisynthEx.dll |04/05/2002 15:19:00
C:\WINDOWS\system32\BBPDFPortMon.dll |30/01/2006 20:27:51
C:\WINDOWS\system32\BitCvt_EU.dll |13/01/2004 09:51:20
C:\WINDOWS\system32\bmp2gif.dll |22/07/2002 13:36:16
C:\WINDOWS\system32\borlndmm.dll |01/02/2002 08:00:00
C:\WINDOWS\system32\cc3260mt.dll |30/01/2003 07:04:00
C:\WINDOWS\system32\clrviddc.dll |11/08/1998 15:18:52
C:\WINDOWS\system32\CmdLineExt.dll |14/01/2006 22:22:14
C:\WINDOWS\system32\cmirmdrv.dll |20/08/2003 16:09:28
C:\WINDOWS\system32\cmiwcnfg.dll |20/08/2003 16:09:28
C:\WINDOWS\system32\cmuda.dll |20/08/2003 16:09:28
C:\WINDOWS\system32\CNMLM50.DLL |08/06/2004 13:39:50
C:\WINDOWS\system32\CNMVS50.DLL |09/06/2004 13:31:22
C:\WINDOWS\system32\coclassfast.dll |05/03/2005 19:17:03
C:\WINDOWS\system32\compatui.dll |20/08/2003 16:40:21
C:\WINDOWS\system32\cpuinf32.dll |12/11/2006 00:11:33
C:\WINDOWS\system32\decdnet.dll |11/08/1998 15:18:44
C:\WINDOWS\system32\dgrpsetu.dll |20/08/2003 15:46:31
C:\WINDOWS\system32\dgsetup.dll |20/08/2003 15:46:31
C:\WINDOWS\system32\DISK16.DLL |05/11/2005 12:41:16
C:\WINDOWS\system32\Disk32.dll |05/11/2005 12:41:16
C:\WINDOWS\system32\divxdec_0407.dll |27/10/2004 00:38:18
C:\WINDOWS\system32\divxdec_040c.dll |27/10/2004 00:38:18
C:\WINDOWS\system32\divxdec_0411.dll |27/10/2004 00:38:18
C:\WINDOWS\system32\encdec.dll |20/08/2003 16:40:34
C:\WINDOWS\system32\EqnClass.Dll |20/08/2003 15:46:31
C:\WINDOWS\system32\FFRAFLIB.DLL |09/05/2005 19:38:41
C:\WINDOWS\system32\FFTIFF16.dll |09/05/2005 19:38:41
C:\WINDOWS\system32\Filter_EUUni.dll |19/01/2004 16:12:02
C:\WINDOWS\system32\fmod.dll |16/09/2003 13:57:34
C:\WINDOWS\system32\gifs.dll |22/07/2002 13:36:26
C:\WINDOWS\system32\haspvdd.dll |04/02/2006 23:36:10
C:\WINDOWS\system32\HHACTIVEX.DLL |13/01/2006 21:18:29
C:\WINDOWS\system32\hsfcisp2.dll |20/08/2004 01:09:27
C:\WINDOWS\system32\HSF_INST.dll |20/08/2003 15:48:04
C:\WINDOWS\system32\hticons.dll |20/08/2003 14:50:45
C:\WINDOWS\system32\HUFFYUV.DLL |16/05/2005 10:39:51
C:\WINDOWS\system32\hypertrm.dll |20/08/2003 14:50:45
C:\WINDOWS\system32\Iacenc.dll |27/02/2005 13:40:15
C:\WINDOWS\system32\iccvid.dll |20/08/2003 16:40:38
C:\WINDOWS\system32\imagr5.dll |21/09/2000 18:02:28
C:\WINDOWS\system32\imagx5.dll |27/09/2000 17:15:06
C:\WINDOWS\system32\ImagXpr5.dll |21/09/2000 13:53:00
C:\WINDOWS\system32\indounin.dll |27/01/1999 14:39:06
C:\WINDOWS\system32\ir32_32.dll |20/08/2003 16:40:40
C:\WINDOWS\system32\ir41_32.dll |27/02/2005 13:40:14
C:\WINDOWS\system32\ir41_qc.dll |14/11/2002 12:59:36
C:\WINDOWS\system32\ir41_qcx.dll |14/11/2002 12:59:36
C:\WINDOWS\system32\ir50_32.dll |14/11/2002 12:59:38
C:\WINDOWS\system32\ir50_qc.dll |14/11/2002 12:59:38
C:\WINDOWS\system32\ir50_qcx.dll |14/11/2002 12:59:40
C:\WINDOWS\system32\isrdbg32.dll |20/08/2003 14:51:58
C:\WINDOWS\system32\ixbgkos.dll |30/05/2001 17:48:03
C:\WINDOWS\system32\iyvu9_32.dll |02/08/2004 16:11:56
C:\WINDOWS\system32\jgaw400.dll |20/08/2003 16:40:41
C:\WINDOWS\system32\jgdw400.dll |20/08/2003 16:40:41
C:\WINDOWS\system32\jgmd400.dll |20/08/2003 16:40:41
C:\WINDOWS\system32\jgpl400.dll |20/08/2003 16:40:41
C:\WINDOWS\system32\jgsd400.dll |20/08/2003 16:40:41
C:\WINDOWS\system32\jgsh400.dll |20/08/2003 16:40:41
C:\WINDOWS\system32\LCamCpl.dll |26/02/2006 15:07:21
C:\WINDOWS\system32\lfavi80n.dll |20/11/2004 18:16:34
C:\WINDOWS\system32\lfbmp11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\lfbmp12n.dll |26/02/2006 15:07:07
C:\WINDOWS\system32\lfbmp13n.dll |05/07/2005 11:21:54
C:\WINDOWS\system32\LFCMP11n.DLL |07/06/2002 05:02:00
C:\WINDOWS\system32\LFCMP12n.DLL |26/02/2006 15:07:07
C:\WINDOWS\system32\lfcmp13n.dll |05/07/2005 11:21:54
C:\WINDOWS\system32\LFCMP80n.DLL |20/11/2004 18:16:34
C:\WINDOWS\system32\lfeps11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\lffax11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\lffax12n.dll |26/02/2006 15:07:07
C:\WINDOWS\system32\lfgif11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\lfgif13n.dll |05/07/2005 11:21:55
C:\WINDOWS\system32\lfpcd11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\lfpcx11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\Lfpng11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\lfpng13n.dll |05/07/2005 11:24:35
C:\WINDOWS\system32\lfpsd11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\lftga11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\lftif11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\lftif12n.dll |26/02/2006 15:07:08
C:\WINDOWS\system32\lfwmf11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\libdivx.dll |28/09/2005 20:50:04
C:\WINDOWS\system32\libeay32.dll |28/04/2005 06:22:34
C:\WINDOWS\system32\libfaad.dll |16/05/2005 10:48:53
C:\WINDOWS\system32\LQCUI2.dll |26/02/2006 15:07:05
C:\WINDOWS\system32\LTDIS11n.dll |07/06/2002 05:02:00
C:\WINDOWS\system32\LTDIS12n.dll |26/02/2006 15:07:09
C:\WINDOWS\system32\ltdis13n.dll |05/07/2005 11:21:54
C:\WINDOWS\system32\ltefx12n.dll |26/02/2006 15:07:09
C:\WINDOWS\system32\ltefx13n.dll |05/07/2005 11:21:54
C:\WINDOWS\system32\ltefx80n.dll |20/11/2004 18:16:34
C:\WINDOWS\system32\ltfil11n.DLL |07/06/2002 05:02:00
C:\WINDOWS\system32\ltfil12n.DLL |26/02/2006 15:07:09
C:\WINDOWS\system32\ltfil13n.dll |05/07/2005 11:21:54
C:\WINDOWS\system32\ltfil80n.DLL |20/11/2004 18:16:34
C:\WINDOWS\system32\ltimg11n.dll |07/06/2002 05:02:02
C:\WINDOWS\system32\ltimg12n.dll |26/02/2006 15:07:09
C:\WINDOWS\system32\ltimg13n.dll |05/07/2005 11:21:54
C:\WINDOWS\system32\ltimg80n.dll |20/11/2004 18:16:34
C:\WINDOWS\system32\ltkrn11n.dll |07/06/2002 05:02:02
C:\WINDOWS\system32\ltkrn12n.dll |26/02/2006 15:07:09
C:\WINDOWS\system32\ltkrn13n.dll |05/07/2005 11:21:54
C:\WINDOWS\system32\ltkrn80n.dll |20/11/2004 18:16:34
C:\WINDOWS\system32\lttwn80n.dll |20/11/2004 18:16:34
C:\WINDOWS\system32\Ltwvc11n.dll |07/06/2002 05:02:02
C:\WINDOWS\system32\Ltwvc12n.dll |26/02/2006 15:07:10
C:\WINDOWS\system32\lvcodec2.dll |26/02/2006 15:21:24
C:\WINDOWS\system32\lvcoinst.dll |26/02/2006 15:21:25
C:\WINDOWS\system32\LVCOMCX.dll |08/10/2004 12:55:36
C:\WINDOWS\system32\Lvkrn12n.dll |26/02/2006 15:07:21
C:\WINDOWS\system32\LVMAENUM.dll |08/10/2004 12:52:58
C:\WINDOWS\system32\LVUI2.dll |26/02/2006 15:21:24
C:\WINDOWS\system32\LVUI2RC.dll |26/02/2006 15:21:24
C:\WINDOWS\system32\mcdvd_32.dll |03/12/2005 14:52:01
C:\WINDOWS\system32\mdmxsdk.dll |20/08/2004 01:09:30
C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 19:47:06
C:\WINDOWS\system32\mp4fil32.dll |16/05/2002 01:38:40
C:\WINDOWS\system32\mplaa6.dll |12/11/2006 00:11:33
C:\WINDOWS\system32\mplam6.dll |12/11/2006 00:11:33
C:\WINDOWS\system32\mplapx.dll |12/11/2006 00:11:33
C:\WINDOWS\system32\mplaw7.dll |12/11/2006 00:11:33
C:\WINDOWS\system32\mplva6.dll |15/10/2006 12:37:31
C:\WINDOWS\system32\mplvm6.dll |12/11/2006 00:11:33
C:\WINDOWS\system32\mplvpx.dll |12/11/2006 00:11:34
C:\WINDOWS\system32\mplvw7.dll |12/11/2006 00:11:33
C:\WINDOWS\system32\msdmo.dll |12/12/2002 00:14:32
C:\WINDOWS\system32\msencode.dll |20/08/2003 16:40:49
C:\WINDOWS\system32\MsgPlusLoader.dll |29/07/2005 16:37:13
C:\WINDOWS\system32\MSRTEDIT.DLL |22/01/1999 14:46:58
C:\WINDOWS\system32\MSVCRT10.DLL |14/08/2006 17:44:26
C:\WINDOWS\system32\mtxparhd.dll |20/08/2004 01:09:35
C:\WINDOWS\system32\MultiSZ.dll |01/06/2006 20:01:40
C:\WINDOWS\system32\mwace.dll |27/04/2006 14:51:36
C:\WINDOWS\system32\mwdds.dll |27/04/2006 14:51:37
C:\WINDOWS\system32\mwgfx.dll |27/04/2006 14:51:37
C:\WINDOWS\system32\mwgfx24.dll |27/04/2006 14:51:37
C:\WINDOWS\system32\Npindeo.dll |20/11/1998 14:38:58
C:\WINDOWS\system32\nv4_disp.dll |02/05/2003 15:19:00
C:\WINDOWS\system32\nvapi.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvcod.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvcodins.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvcpl.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvcpluir.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvdisps.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvdispsr.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvexpbar.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvgames.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvgamesr.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvhwvid.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nview.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvmccs.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvmccsrs.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvmccss.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvmccssr.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvmctray.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvmobls.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvmoblsr.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvnt4cpl.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvoglnt.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvrsar.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrscs.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrsda.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrsde.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrsel.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrseng.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrses.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrsesm.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrsfi.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrsfr.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrshe.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvrshu.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrsit.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrsja.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrsko.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrsnl.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrsno.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrspl.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrspt.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrsptb.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrsru.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrssk.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrssl.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrssv.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrstr.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrszhc.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvrszht.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvshell.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvvitvs.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvvitvsr.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwddi.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvwdmcpl.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvwimg.dll |10/12/2005 03:06:00
C:\WINDOWS\system32\nvwrsar.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrscs.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrsda.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrsde.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrsel.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrseng.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrses.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrsesm.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrsfi.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrsfr.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrshe.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwrshu.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrsit.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrsja.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrsko.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrsnl.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrsno.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrspl.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrspt.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrsptb.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrsru.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrssk.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrssl.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrssv.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrstr.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrszhc.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwrszht.dll |22/10/2006 13:22:00
C:\WINDOWS\system32\nvwss.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\nvwssr.dll |01/06/2006 17:22:00
C:\WINDOWS\system32\OQTLib.dll |16/05/2005 10:48:44
C:\WINDOWS\system32\paqsp.dll |23/08/2001 19:47:16
C:\WINDOWS\system32\PCDLIB32.DLL |07/06/2002 05:02:02
C:\WINDOWS\system32\PhotoEditor.dll |05/07/2004 20:11:04
C:\WINDOWS\system32\PhotoEditorRes_DE.dll |22/03/2004 15:37:02
C:\WINDOWS\system32\PhotoEditorRes_ES.dll |22/03/2004 15:39:34
C:\WINDOWS\system32\PhotoEditorRes_FR.dll |22/03/2004 15:38:02
C:\WINDOWS\system32\PhotoEditorRes_IT.dll |22/03/2004 15:38:42
C:\WINDOWS\system32\PhotoEditorRes_RU.dll |24/06/2004 11:48:30
C:\WINDOWS\system32\PhotoEditorRes_UK.dll |22/03/2004 15:36:14
C:\WINDOWS\system32\picn20.dll |21/09/2000 08:47:10
C:\WINDOWS\system32\plugin.dll |14/08/2006 17:44:26
C:\WINDOWS\system32\pncrt.dll |11/08/1998 15:18:44
C:\WINDOWS\system32\pndx5016.dll |12/11/2006 00:11:47
C:\WINDOWS\system32\pndx5032.dll |12/11/2006 00:11:47
C:\WINDOWS\system32\psisdecd.dll |11/09/2004 15:37:25
C:\WINDOWS\system32\px.dll |31/08/2004 11:30:14
C:\WINDOWS\system32\pxafs.dll |01/12/2006 19:53:16
C:\WINDOWS\system32\pxdrv.dll |31/08/2004 11:30:15
C:\WINDOWS\system32\pxmas.dll |31/08/2004 11:30:15
C:\WINDOWS\system32\pxsfs.dll |09/06/2006 15:09:14
C:\WINDOWS\system32\pxwave.dll |31/08/2004 11:30:15
C:\WINDOWS\system32\pxwma.dll |25/06/2005 15:03:49
C:\WINDOWS\system32\QCUI2.dll |26/02/2006 15:07:10
C:\WINDOWS\system32\qedwipes.dll |12/12/2002 00:14:32
C:\WINDOWS\system32\qt-dx331.dll |28/04/2005 06:22:38
C:\WINDOWS\system32\RA3214_4.dll |11/08/1998 15:18:44
C:\WINDOWS\system32\ra3228_8.dll |11/08/1998 15:1