haguima
-
Compteur de contenus
20 -
Inscription
-
Dernière visite
haguima's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
Logfile of HijackThis v1.99.1 Scan saved at 22:33:48, on 19/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\WANADOO\TaskBarIcon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\WANADOO\GestionnaireInternet.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\PROGRA~1\WANADOO\Toaster.exe C:\PROGRA~1\WANADOO\Inactivity.exe C:\PROGRA~1\WANADOO\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\TomTom HOME\TomTomHOME.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\WANADOO\Watch.exe C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\eMule\emule.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe merci
-
Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:36 PM Killbox Closed(Exit) @ 6:37:01 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:37 PM Killbox Closed(Exit) @ 6:37:31 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:37 PM # 1 [Delete on Reboot] Path = C:\WINDOWS\System32\vexga4m1et4.exe I Rebooted @ 6:39:52 PM Killbox Closed(Exit) @ 6:39:54 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:42 PM Killbox Closed(Exit) @ 6:42:46 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mercredi, avril 18, 2007, 11:06 PM # 1 [Delete on Reboot] Path = C:\WINDOWS\system32\fslfd.exe # 2 [Delete on Reboot] Path = C:\WINDOWS\system32\yenjm.exe # 3 [Delete on Reboot] Path = C:\WINDOWS\system32\aoiqd.exe # 4 [Delete on Reboot] Path = C:\WINDOWS\system32\arlnl.exe # 5 [Delete on Reboot] Path = C:\WINDOWS\system32\ilpjc.exe # 6 [Delete on Reboot] Path = C:\WINDOWS\system32\cesoa.exe # 7 [Delete on Reboot] Path = C:\WINDOWS\system32\bydyf.exe # 8 [Delete on Reboot] Path = C:\WINDOWS\system32\vixwj.exe # 9 [Delete on Reboot] Path = C:\WINDOWS\system32\uhewj.exe # 10 [Delete on Reboot] Path = C:\WINDOWS\system32\smyun.exe # 11 [Delete on Reboot] Path = C:\WINDOWS\system32\vdbne.exe # 12 [Delete on Reboot] Path = C:\WINDOWS\system32\mrkyl.exe # 13 [Delete on Reboot] Path = C:\WINDOWS\system32\phvqm.exe # 14 [Delete on Reboot] Path = C:\WINDOWS\system32\jcfaz.exe # 15 [Delete on Reboot] Path = C:\WINDOWS\system32\zfqis.exe I Rebooted @ 11:08:27 PM Killbox Closed(Exit) @ 11:08:28 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mercredi, avril 18, 2007, 11:10 PM Logfile of HijackThis v1.99.1 Scan saved at 08:09:52, on 19/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\PROGRA~1\WANADOO\TaskBarIcon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\WANADOO\GestionnaireInternet.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\PROGRA~1\WANADOO\Toaster.exe C:\PROGRA~1\WANADOO\Inactivity.exe C:\PROGRA~1\WANADOO\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\TomTom HOME\TomTomHOME.exe C:\PROGRA~1\WANADOO\Watch.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\eMule\emule.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
-
voici le rapport killbox: Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:36 PM Killbox Closed(Exit) @ 6:37:01 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:37 PM Killbox Closed(Exit) @ 6:37:31 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:37 PM # 1 [Delete on Reboot] Path = C:\WINDOWS\System32\vexga4m1et4.exe I Rebooted @ 6:39:52 PM Killbox Closed(Exit) @ 6:39:54 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:42 PM Killbox Closed(Exit) @ 6:42:46 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mercredi, avril 18, 2007, 11:06 PM # 1 [Delete on Reboot] Path = C:\WINDOWS\system32\fslfd.exe # 2 [Delete on Reboot] Path = C:\WINDOWS\system32\yenjm.exe # 3 [Delete on Reboot] Path = C:\WINDOWS\system32\aoiqd.exe # 4 [Delete on Reboot] Path = C:\WINDOWS\system32\arlnl.exe # 5 [Delete on Reboot] Path = C:\WINDOWS\system32\ilpjc.exe # 6 [Delete on Reboot] Path = C:\WINDOWS\system32\cesoa.exe # 7 [Delete on Reboot] Path = C:\WINDOWS\system32\bydyf.exe # 8 [Delete on Reboot] Path = C:\WINDOWS\system32\vixwj.exe # 9 [Delete on Reboot] Path = C:\WINDOWS\system32\uhewj.exe # 10 [Delete on Reboot] Path = C:\WINDOWS\system32\smyun.exe # 11 [Delete on Reboot] Path = C:\WINDOWS\system32\vdbne.exe # 12 [Delete on Reboot] Path = C:\WINDOWS\system32\mrkyl.exe # 13 [Delete on Reboot] Path = C:\WINDOWS\system32\phvqm.exe # 14 [Delete on Reboot] Path = C:\WINDOWS\system32\jcfaz.exe # 15 [Delete on Reboot] Path = C:\WINDOWS\system32\zfqis.exe I Rebooted @ 11:08:27 PM Killbox Closed(Exit) @ 11:08:28 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mercredi, avril 18, 2007, 11:10 PM et le hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 23:11:42, on 18/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\WANADOO\TaskBarIcon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\WANADOO\GestionnaireInternet.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\PROGRA~1\WANADOO\Toaster.exe C:\PROGRA~1\WANADOO\Inactivity.exe C:\PROGRA~1\WANADOO\PollingModule.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\WANADOO\Watch.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
-
voici le rapport kapersky: KASPERSKY ON-LINE SCANNER REPORT Wednesday, April 18, 2007 9:33:38 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 18/04/2007 Enregistrements dans la base antivirus Kaspersky : 281705 Paramètres d'analyse Analyser avec la base antivirus suivante standard Analyser les archives vrai Analyser les bases de messagerie vrai Cible de l'analyse Poste de travail C:\ D:\ E:\ F:\ G:\ H:\ I:\ Statistiques de l'analyse Total d'objets analysés 77210 Nombre de virus trouvés 14 Nombre d'objets infectés 82 / 0 Nombre d'objets suspects 0 Durée de l'analyse 00:32:29 Nom de l'objet infecté Nom du virus Dernière action C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\fslfd.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\yenjm.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\aoiqd.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\arlnl.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\ilpjc.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\cesoa.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\bydyf.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\vixwj.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\uhewj.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\smyun.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\vdbne.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\mrkyl.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\phvqm.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\jcfaz.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\system32\zfqis.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\WINDOWS\Temp\Perflib_Perfdata_7cc.dat L'objet est verrouillé ignoré C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré C:\WINDOWS\Temp\Perflib_Perfdata_6fc.dat L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\EventCache\{0DC1CEFA-EFD3-405B-A3DD-AF487F4CA816}.bin L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\marion\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\marion\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Temp\~DF9D58.tmp L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Temp\~DF9E3A.tmp L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Temp\~DF3A90.tmp L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Temp\~DF3AF6.tmp L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Temp\~DFC30F.tmp L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Historique\History.IE5\MSHist012007041820070419\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Application Data\Microsoft\Windows Live Contacts\haguima@hotmail.fr\real\members.stg L'objet est verrouillé ignoré C:\Documents and Settings\marion\Local Settings\Application Data\Microsoft\Windows Live Contacts\haguima@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré C:\Documents and Settings\marion\Cookies\index.dat L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\report\.txt L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré C:\Program Files\eMule\Temp2.part L'objet est verrouillé ignoré C:\Program Files\eMule\Temp3.part L'objet est verrouillé ignoré C:\Program Files\eMule\Temp13.part L'objet est verrouillé ignoré C:\Program Files\eMule\Temp14.part L'objet est verrouillé ignoré C:\Program Files\eMule\Temp15.part L'objet est verrouillé ignoré C:\Program Files\eMule\Temp16.part L'objet est verrouillé ignoré C:\Program Files\eMule\Temp17.part L'objet est verrouillé ignoré C:\Program Files\eMule\Temp18.part L'objet est verrouillé ignoré C:\SDFix\backups_old1\backups.zip/backups/backups.zip/backups/backups.zip/backups/icf.exe Infecté : Trojan.Win32.Agent.aek ignoré C:\SDFix\backups_old1\backups.zip/backups/backups.zip/backups/backups.zip Infecté : Trojan.Win32.Agent.aek ignoré C:\SDFix\backups_old1\backups.zip/backups/backups.zip Infecté : Trojan.Win32.Agent.aek ignoré C:\SDFix\backups_old1\backups.zip ZIP: infecté - 3 ignoré C:\SDFix\backups\backups.zip/backups/inst.exe.exe Infecté : Email-Worm.Win32.Zhelatin.cs ignoré C:\SDFix\backups\backups.zip/backups/vexga4me1.exe Infecté : Trojan-Proxy.Win32.Xorpix.ba ignoré C:\SDFix\backups\backups.zip/backups/vexga5me3.exe Infecté : Trojan-Downloader.Win32.Agent.bls ignoré C:\SDFix\backups\backups.zip ZIP: infecté - 3 ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222373.exe Infecté : Trojan-Proxy.Win32.Xorpix.ar ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222375.exe Infecté : Email-Worm.Win32.Zhelatin.cs ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222379.exe Infecté : Trojan-Downloader.Win32.Agent.bls ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222380.sys Infecté : SpamTool.Win32.Agent.af ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222391.exe/EXE-file Infecté : Trojan-Proxy.Win32.Xorpix.ar ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222391.exe Embedded EXE: infecté - 1 ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222392.exe Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222397.exe Infecté : Trojan-Proxy.Win32.Xorpix.m ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222398.exe Infecté : Trojan-Downloader.Win32.Agent.bls ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222407.exe/EXE-file Infecté : Trojan-Proxy.Win32.Xorpix.ar ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222407.exe Embedded EXE: infecté - 1 ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222408.exe Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222413.exe Infecté : Trojan-Proxy.Win32.Xorpix.m ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222414.exe Infecté : Trojan-Downloader.Win32.Agent.bls ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222415.exe Infecté : Email-Worm.Win32.Zhelatin.as ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222425.exe/EXE-file Infecté : Trojan-Proxy.Win32.Xorpix.ar ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222425.exe Embedded EXE: infecté - 1 ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222426.exe Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0222431.exe Infecté : Trojan-Downloader.Win32.Agent.bls ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0223428.exe/EXE-file Infecté : Trojan-Proxy.Win32.Xorpix.ar ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0223428.exe Embedded EXE: infecté - 1 ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0223430.exe Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224427.exe/EXE-file Infecté : Trojan-Proxy.Win32.Xorpix.ar ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224427.exe Embedded EXE: infecté - 1 ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224428.exe Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224440.exe Infecté : Trojan-Proxy.Win32.Xorpix.m ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224441.exe Infecté : Email-Worm.Win32.Zhelatin.as ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224442.exe Infecté : Packed.Win32.PePatch.dw ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224452.exe Infecté : Trojan.Win32.Small.fb ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224455.exe Infecté : not-virus:Hoax.Win32.Renos.gs ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224467.exe/EXE-file Infecté : Trojan-Proxy.Win32.Xorpix.ar ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224467.exe Embedded EXE: infecté - 1 ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224468.exe Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224469.exe Infecté : Trojan-Proxy.Win32.Xorpix.m ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224478.exe Infecté : Email-Worm.Win32.Zhelatin.as ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224479.exe Infecté : Trojan-Downloader.Win32.Agent.bls ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224491.exe Infecté : Trojan-Proxy.Win32.Xorpix.ba ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224494.exe Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP455\A0224495.exe Infecté : Trojan-Proxy.Win32.Xorpix.m ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225493.exe Infecté : Trojan-Proxy.Win32.Xorpix.ba ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225495.exe Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225496.exe Infecté : Trojan-Proxy.Win32.Xorpix.m ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225523.exe Infecté : Email-Worm.Win32.Zhelatin.as ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225530.exe Infecté : Email-Worm.Win32.Zhelatin.cs ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225549.exe Infecté : Email-Worm.Win32.Zhelatin.cs ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225551.exe Infecté : Trojan-Proxy.Win32.Xorpix.ba ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225552.exe Infecté : Trojan-Downloader.Win32.Agent.bls ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225561.exe Infecté : Email-Worm.Win32.Zhelatin.cs ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225565.exe Infecté : Trojan-Proxy.Win32.Xorpix.ba ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0225566.exe Infecté : Trojan-Downloader.Win32.Agent.bls ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0226578.exe Infecté : Email-Worm.Win32.Zhelatin.as ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP456\A0226579.exe Infecté : Packed.Win32.PePatch.dw ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP457\A0232705.exe Infecté : Trojan-Proxy.Win32.Xorpix.m ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP457\A0232706.exe Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP457\A0232707.exe Infecté : Email-Worm.Win32.Zhelatin.cs ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP457\A0233702.exe Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP457\A0233703.exe Infecté : Trojan-Downloader.Win32.Agent.uj ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP457\A0233704.exe Infecté : Trojan.Win32.DNSChanger.hd ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP457\A0233705.sys Infecté : Email-Worm.Win32.Zhelatin.cx ignoré C:\System Volume Information\_restore{53F3D8E2-EF6F-4054-B8B0-9FB5F7C12ECC}\RP457\change.log L'objet est verrouillé ignoré Analyse terminée.
-
voici mon nouveau log HiJackThis: Logfile of HijackThis v1.99.1 Scan saved at 19:02:37, on 18/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\WANADOO\TaskBarIcon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\WANADOO\GestionnaireInternet.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\PROGRA~1\WANADOO\Toaster.exe C:\PROGRA~1\WANADOO\Inactivity.exe C:\PROGRA~1\WANADOO\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\TomTom HOME\TomTomHOME.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\WANADOO\Watch.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171 O17 - HKLM\System\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer = 200.14.104.51 O17 - HKLM\System\CCS\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer = 200.14.104.51 O17 - HKLM\System\CCS\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer = 200.14.104.51 O17 - HKLM\System\CCS\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer = 200.14.104.51 O17 - HKLM\System\CCS\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer = 200.14.104.51 O17 - HKLM\System\CCS\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer = 200.14.104.51 O17 - HKLM\System\CCS\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer = 200.14.104.51 O17 - HKLM\System\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer = 200.14.104.51 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe et le nouveau rapport diaghelp: C:\WINDOWS\System32/drivers\gmer.sys -->21/01/2007 21:34:22 C:\WINDOWS\System32/drivers\aswRdr.sys -->15/01/2007 18:26:08 C:\WINDOWS\System32/drivers\aswTdi.sys -->15/01/2007 18:25:24 C:\WINDOWS\System32/drivers\aswmon.sys -->21/12/2006 00:56:14 C:\WINDOWS\System32/drivers\aswmon2.sys -->21/12/2006 00:56:00 C:\WINDOWS\System32/drivers\aavmker4.sys -->21/12/2006 00:51:58 C:\WINDOWS\System32/drivers\tcpip.sys -->12/12/2006 23:59:32 C:\WINDOWS\System32\AdobeFnt.lst -->17/04/2007 17:00:54 C:\WINDOWS\System32\tmp.txt -->17/04/2007 15:24:40 C:\WINDOWS\System32\tmp.reg -->17/04/2007 15:24:40 C:\WINDOWS\System32\wpa.dbl -->17/04/2007 08:11:12 C:\WINDOWS\System32\FNTCACHE.DAT -->02/04/2007 19:07:54 C:\WINDOWS\System32\PCANDIS5.sys -->23/01/2007 15:25:50 C:\WINDOWS\System32\W32N50.dll -->23/01/2007 15:25:50 C:\WINDOWS\System32\tmp9AF84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpB7F84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpC4F84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpD1F84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpEEE84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\zllictbl.dat -->21/01/2007 22:43:48 C:\WINDOWS\System32\ikhcore.log -->17/01/2007 20:48:06 C:\WINDOWS\System32\CONFIG.NT -->17/01/2007 17:36:22 C:\WINDOWS\System32\dip.exe -->17/01/2007 15:34:36 C:\WINDOWS\System32\aswBoot.exe -->15/01/2007 18:32:08 C:\WINDOWS\System32\AVASTSS.scr -->15/01/2007 18:23:20 C:\WINDOWS\System32\LegitCheckControl.DLL -->12/12/2006 10:45:04 C:\WINDOWS\System32\swxcacls.exe -->01/12/2006 05:20:34 C:\WINDOWS\System32\pxhpinst.exe -->27/09/2006 22:53:24 C:\WINDOWS\System32\pxdrv.dll -->27/09/2006 22:53:24 C:\WINDOWS\System32\vxblock.dll -->27/09/2006 22:53:24 C:\WINDOWS\System32\pxwave.dll -->27/09/2006 22:53:24 C:\WINDOWS\System32\pxmas.dll -->27/09/2006 22:53:24 C:\WINDOWS\wiadebug.log -->18/04/2007 19:02:18 C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt -->18/04/2007 19:02:18 C:\WINDOWS.log -->18/04/2007 19:02:18 C:\WINDOWS\bootstat.dat -->18/04/2007 19:02:10 C:\WINDOWS\SchedLgU.Txt -->18/04/2007 18:52:10 C:\WINDOWS\WindowsUpdate.log -->18/04/2007 18:52:10 C:\WINDOWS\wiaservc.log -->18/04/2007 18:52:10 C:\WINDOWS\wmsetup.log -->18/04/2007 09:00:12 C:\WINDOWS\CVW3844BF.txt -->17/04/2007 18:48:38 C:\WINDOWS\setupact.log -->17/04/2007 15:26:10 C:\WINDOWS\NAVIGMA.INI -->05/04/2007 21:24:34 C:\WINDOWS\EPISMF00.SWB -->02/04/2007 19:40:14 C:\WINDOWS\setupapi.log -->02/04/2007 18:25:06 C:\WINDOWS\win.ini -->20/03/2007 21:16:26 C:\WINDOWS\6-wlancfg.log -->10/03/2007 08:46:32 C:\WINDOWS\twunk_16.exe |01/01/1980 00:00:00 C:\WINDOWS\twunk_32.exe |01/01/1980 00:00:00 C:\WINDOWS\SETR.EXE |01/01/1980 00:00:00 C:\WINDOWS\AMOVE.EXE |01/01/1980 00:00:00 C:\WINDOWS\ALAUNCH.EXE |01/01/1980 00:00:00 C:\WINDOWS\EHIB.EXE |01/01/1980 00:00:00 C:\WINDOWS\GalleryPlayer Images Uninstaller.exe |03/10/2005 19:40:02 C:\WINDOWS\gmer.exe |21/01/2007 21:34:21 C:\WINDOWS\uninst.exe |06/01/2007 14:48:06 C:\WINDOWS\IsUninst.exe |06/01/2007 14:52:23 C:\WINDOWS\unvise32.exe |25/03/2007 11:01:47 C:\WINDOWS\IsUn040c.exe |11/02/2006 14:28:33 C:\WINDOWS\AGRSMMSG.exe |01/01/1980 00:00:00 C:\WINDOWS\agrsmdel.exe |01/01/1980 00:00:00 C:\WINDOWS\SoundMan.exe |22/03/2005 14:26:50 C:\WINDOWS\RTHDCPL.EXE |22/03/2005 14:26:50 C:\WINDOWS\RTLCPL.EXE |22/03/2005 14:26:49 C:\WINDOWS\ALCWZRD.EXE |22/03/2005 14:26:50 C:\WINDOWS\unin040c.exe |08/12/2005 10:12:00 C:\WINDOWS\CtDrvIns.exe |24/02/2006 18:11:52 C:\WINDOWS\V0090Cfg.exe |24/02/2006 18:11:52 C:\WINDOWS\Ctregrun.exe |24/02/2006 18:12:30 C:\WINDOWS\twain.dll |01/01/1980 00:00:00 C:\WINDOWS\twain_32.dll |01/01/1980 00:00:00 C:\WINDOWS\sysgtime.dll |07/01/2000 01:00:00 C:\WINDOWS\gmer.dll |21/01/2007 21:34:21 C:\WINDOWS\RtlExUpd.dll |03/04/2005 02:24:24 C:\WINDOWS\kpapi32.dll |08/12/2005 10:13:17 C:\WINDOWS\kpcp32.dll |08/12/2005 10:13:17 C:\WINDOWS\kpsys32.dll |08/12/2005 10:13:17 C:\WINDOWS\Sprof32.dll |08/12/2005 10:13:17 C:\WINDOWS\pcdlib32.dll |08/12/2005 10:13:17 C:\WINDOWS\system32\append.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\debug.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 17:47:34 C:\WINDOWS\system32\edlin.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\exe2bin.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\fastopen.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mem.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mscdexnt.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\nlsfunc.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\setver.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\share.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\java.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\dosx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\redir.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\FTRTSVC.exe |23/01/2007 16:01:55 C:\WINDOWS\system32\javaw.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\aswBoot.exe |08/12/2005 10:17:54 C:\WINDOWS\system32\javaws.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\ASPTV.EXE |01/01/1980 00:00:00 C:\WINDOWS\system32\ASPFM.EXE |01/01/1980 00:00:00 C:\WINDOWS\system32\swreg.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\swsc.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\dumphive.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\swxcacls.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\pxhpinst.exe |23/01/2007 21:22:34 C:\WINDOWS\system32\fslfd.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\yenjm.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\dip.exe |17/01/2007 15:34:34 C:\WINDOWS\system32\aoiqd.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\arlnl.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ilpjc.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\cesoa.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\bydyf.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\vixwj.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\uhewj.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\smyun.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\vdbne.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mrkyl.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\phvqm.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\jcfaz.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\zfqis.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\Hdaudpropshortcut.exe |17/03/2004 15:10:40 C:\WINDOWS\system32\Process.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\SrchSTS.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\creLink.exe |22/03/2005 14:34:45 C:\WINDOWS\system32\CreMan.exe |22/03/2005 14:35:01 C:\WINDOWS\system32\Ati2mdxx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2evxx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ChCfg.exe |03/04/2005 02:24:28 C:\WINDOWS\system32\HdAShCut.exe |07/01/2005 17:07:16 C:\WINDOWS\system32\MaggiUninstall60.exe |06/01/2007 14:48:19 C:\WINDOWS\system32\TVIcon.exe |23/11/2005 16:22:42 C:\WINDOWS\system32\V0090Srv.exe |24/02/2006 18:11:52 C:\WINDOWS\system32\unwlsdrv.exe |06/01/2005 15:04:00 C:\WINDOWS\system32\ir32_32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgaw400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgdw400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgmd400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgpl400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgsd400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgsh400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 17:47:06 C:\WINDOWS\system32\msencode.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbrccsp.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\spnike.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\tsd32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\win87em.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\paqsp.dll |23/08/2001 17:47:16 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\amstream.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atmfd.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atmlib.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\compatUI.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\encdec.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\iccvid.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ieencode.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\msdmo.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\qedwipes.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\sbe.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbcsp.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbiop.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir41_qc.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir41_qcx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_qc.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_qcx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ltkrn13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\EqnClass.Dll |22/03/2005 14:15:29 C:\WINDOWS\system32\spxcoins.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\dgsetup.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\dgrpsetu.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\ltfil13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltdis13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltimg13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfbmp13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfcmp13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltefx13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfgif13n.dll |22/08/2006 17:54:52 C:\WINDOWS\system32\lame_enc.dll |11/04/2000 20:44:56 C:\WINDOWS\system32\epcomdd.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\ESDTR.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\ESICM.dll |29/11/2006 16:27:35 C:\WINDOWS\system32\esccm.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\esccmd.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\esccmn.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimg.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimgd.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimgn.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwiab.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwiad.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwian.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\px.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\pxmas.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\pxwave.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\vxblock.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\pxdrv.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\mgxoschk.dll |03/01/2007 11:39:29 C:\WINDOWS\system32\INETWH32.dll |03/01/2007 11:39:50 C:\WINDOWS\system32\ROBOEX32.DLL |24/02/2006 18:09:53 C:\WINDOWS\system32\SHW32.DLL |27/03/2007 21:38:32 C:\WINDOWS\system32\hticons.dll |22/03/2005 14:18:52 C:\WINDOWS\system32\Hdaudprop.dll |17/03/2004 15:10:40 C:\WINDOWS\system32\isrdbg32.dll |22/03/2005 14:19:50 C:\WINDOWS\system32\Hdaudpropres.dll |18/03/2004 17:18:08 C:\WINDOWS\system32\NTICDMK32.dll |22/03/2005 14:33:49 C:\WINDOWS\system32\NTIMPEG2.dll |22/03/2005 14:33:49 C:\WINDOWS\system32\multiplex_vcd.dll |26/12/2001 16:12:30 C:\WINDOWS\system32\Hmpg12.dll |03/09/2001 23:46:38 C:\WINDOWS\system32\HMPV2_ENC.dll |30/07/2001 16:33:56 C:\WINDOWS\system32\HMPV2_ENC_MMX.dll |23/07/2001 22:04:36 C:\WINDOWS\system32\vboxs430.dll |12/09/2000 20:24:29 C:\WINDOWS\system32\ntiembed.dll |22/03/2005 14:34:20 C:\WINDOWS\system32\ati2dvag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2cqag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati3duag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ativvaxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ATIDDC.DLL |01/01/1980 00:00:00 C:\WINDOWS\system32\atitvo32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ativcoxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2evxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atipdlxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\Oemdspif.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2edxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ATIDEMGR.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atioglxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atiiiexx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\Esint23.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\Esintpl.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\Epfb5cpl.dll |29/11/2006 16:27:36 C:\WINDOWS\system32\HdAProp.dll |07/01/2005 17:07:16 C:\WINDOWS\system32\HdAudRes.dll |07/01/2005 17:07:04 C:\WINDOWS\system32\HtmlWH.dll |03/01/2007 11:39:49 C:\WINDOWS\system32\IfHelper.dll |23/01/2007 16:01:55 C:\WINDOWS\system32\RtlCPAPI.dll |22/03/2005 14:26:49 C:\WINDOWS\system32\vp6vfw.dll |23/11/2005 17:55:34 C:\WINDOWS\system32\fun_avcodec.dll |01/02/2007 16:30:54 C:\WINDOWS\system32\EBPMON24.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\ECBTEG.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\EBPCHP.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\E_DCINST.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\Epcmlib.dll |06/12/2005 14:54:51 C:\WINDOWS\system32\PCDLIB32.DLL |09/12/1998 02:53:58 C:\WINDOWS\system32\cppenv25.dll |08/12/2005 10:13:15 C:\WINDOWS\system32\EZIMG25.dll |08/12/2005 10:13:16 C:\WINDOWS\system32\WINSIZE.DLL |08/12/2005 10:13:16 C:\WINDOWS\system32\Snap32n.dll |08/12/2005 10:13:17 C:\WINDOWS\system32\MSVCRT10.DLL |08/12/2005 10:13:17 C:\WINDOWS\system32\ATMDRVR.DLL |08/12/2005 10:14:25 C:\WINDOWS\system32\fun_mp4_dec.dll |01/02/2007 16:30:55 C:\WINDOWS\system32\fun_mp4_enc.dll |01/02/2007 16:30:55 C:\WINDOWS\system32\WooDial2000.dll |24/02/2006 17:42:20 C:\WINDOWS\system32\rnaph.dll |24/02/2006 17:42:13 C:\WINDOWS\system32\CtCamMgr.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\CtRegApp.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Hwx.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Pin.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Sti.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Vfw.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\hypertrm.dll |22/03/2005 14:18:48 C:\WINDOWS\system32\W32N50.dll |06/03/2006 11:22:41 C:\WINDOWS\system32\ffJmpWeb.dll |06/03/2006 11:38:09 C:\WINDOWS\system32\mcdvd_32.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\divx.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\xvidcore.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\xvidvfw.dll |10/03/2006 14:14:45 Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\system 23/08/2001 05:00 9 728 regsvr32.exe 1 fichier(s) 9 728 octets 0 Rép(s) 156 306 931 712 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\system32 05/08/2004 05:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 156 306 931 712 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\Downloaded Program Files 22/03/2005 14:20 <REP> . 22/03/2005 14:20 <REP> .. 22/03/2005 14:20 65 desktop.ini 10/11/2005 14:05 876 jinstall-1_5_0_06.inf 14/05/2006 10:56 <REP> DinerDash.1.0.0.58 03/06/2002 17:53 144 QTPlugin.inf 19/06/2002 14:11 117 088 PURen-us.dll 15/10/2004 07:59 110 592 PURfr-xx.dll 25/06/2006 12:50 1 793 erma.inf 26/05/2005 04:19 293 muweb.inf 20/06/2006 15:44 379 704 MsnPUpld.dll 19/06/2006 14:40 393 MsnPUpld.inf 20/12/2006 01:00 124 584 naveng32.dll 20/12/2006 01:00 882 344 navex32a.dll 20/12/2006 01:00 2 504 catalog.dat 20/12/2006 01:00 272 040 ecmsvr32.dll 20/12/2006 01:00 6 899 ecbootil.vxd 20/12/2006 01:00 32 virscant.dat 20/12/2006 01:00 974 242 virscan1.dat 20/12/2006 01:00 569 910 virscan2.dat 20/12/2006 01:00 147 296 virscan3.dat 20/12/2006 01:00 320 186 virscan4.dat 20/12/2006 01:00 3 086 703 virscan5.dat 20/12/2006 01:00 390 030 virscan6.dat 20/12/2006 01:00 5 396 298 virscan7.dat 20/12/2006 01:00 1 650 979 virscan8.dat 20/12/2006 01:00 3 940 959 virscan9.dat 20/12/2006 01:00 224 zdone.dat 20/12/2006 01:00 106 244 virscan.inf 20/12/2006 01:00 97 696 scrauth.dat 20/12/2006 01:00 453 tinf.dat 20/12/2006 01:00 148 tinfidx.dat 20/12/2006 01:00 1 957 tinfl.dat 20/12/2006 01:00 64 048 tscan1.dat 20/12/2006 01:00 3 072 tscan1hd.dat 20/12/2006 01:00 1 061 symaveng.inf 20/12/2006 01:00 9 237 symaveng.cat 20/12/2006 01:00 187 543 tcdefs.dat 20/12/2006 01:00 1 172 076 tcscan7.dat 20/12/2006 01:00 323 242 tcscan8.dat 20/12/2006 01:00 728 804 tcscan9.dat 20/12/2006 01:00 4 778 v.grd 20/12/2006 01:00 2 261 v.sig 28/12/2006 17:58 2 072 vscanmsx.dat 09/11/2006 14:36 5 019 swflash.inf 11/12/2006 16:44 367 LegitCheckControl.inf 09/01/2007 08:30 110 592 PURfr-fr.dll 44 fichier(s) 21 196 848 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:46 995 328 dinerdash.exe 14/05/2006 10:56 <REP> assets 1 fichier(s) 995 328 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 460 playfirst_logo.png 18/11/2005 09:43 11 803 strings.xml 14/05/2006 10:56 <REP> accessories 14/05/2006 10:56 <REP> backgrounds 14/05/2006 10:56 <REP> buttons 14/05/2006 10:56 <REP> comics 14/05/2006 10:56 <REP> config 14/05/2006 10:56 <REP> cook 14/05/2006 10:56 <REP> cursor 14/05/2006 10:56 <REP> flo 14/05/2006 10:56 <REP> fonts 14/05/2006 10:56 <REP> furniture 14/05/2006 10:56 <REP> hiscore 14/05/2006 10:56 <REP> layouts 14/05/2006 10:56 <REP> restaurants 14/05/2006 10:56 <REP> scripts 14/05/2006 10:56 <REP> splash 14/05/2006 10:56 <REP> ui 14/05/2006 10:56 <REP> audio 14/05/2006 10:56 <REP> customers 2 fichier(s) 17 263 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 568 cup.png 18/11/2005 09:43 619 customer_cup.png 18/11/2005 09:43 239 heart.png 18/11/2005 09:43 927 menu_down.png 18/11/2005 09:43 1 244 menu_up.png 18/11/2005 09:43 850 plates.png 18/11/2005 09:43 741 ticket.png 18/11/2005 09:43 1 639 tray.png 8 fichier(s) 6 827 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 319 choosedifficulty.png 18/11/2005 09:43 12 316 credits.jpg 18/11/2005 09:43 12 927 flo_lose.png 18/11/2005 09:43 13 807 flo_win.png 18/11/2005 09:43 16 725 help1.jpg 18/11/2005 09:43 18 595 help2.jpg 18/11/2005 09:43 14 327 highscores.jpg 18/11/2005 09:43 14 586 levelintro.jpg 18/11/2005 09:43 2 967 levelintro_mask.png 18/11/2005 09:43 14 582 levelover.jpg 18/11/2005 09:43 3 383 levelover_mask.png 18/11/2005 09:43 43 278 mainmenu.jpg 18/11/2005 09:43 7 362 popup.jpg 18/11/2005 09:43 1 899 popup_mask.png 18/11/2005 09:43 6 010 upgradegrid.png 18/11/2005 09:43 3 218 upgradetitle.png 18/11/2005 09:43 39 050 upsell.jpg 17 fichier(s) 226 351 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 825 arrowleft_blue.png 18/11/2005 09:43 995 arrowleft_yellow.png 18/11/2005 09:43 827 arrowright_blue.png 18/11/2005 09:43 991 arrowright_yellow.png 18/11/2005 09:43 2 326 backchalk.png 18/11/2005 09:43 2 960 backchalkup.png 18/11/2005 09:43 1 420 backtomenu_blue.png 18/11/2005 09:43 1 393 backtomenu_yellow.png 18/11/2005 09:43 1 795 back_blue.png 18/11/2005 09:43 1 761 back_yellow.png 18/11/2005 09:43 2 403 cancel.png 18/11/2005 09:43 2 368 cancelup.png 18/11/2005 09:43 2 722 career.png 18/11/2005 09:43 2 714 career_over.png 18/11/2005 09:43 2 156 close.png 18/11/2005 09:43 2 223 closeup.png 18/11/2005 09:43 3 346 continue.png 18/11/2005 09:43 3 208 continueover.png 18/11/2005 09:43 1 378 credits_blue.png 18/11/2005 09:43 1 365 credits_yellow.png 18/11/2005 09:43 2 073 download_blue.png 18/11/2005 09:43 2 081 download_yellow.png 18/11/2005 09:43 2 530 easy.png 18/11/2005 09:43 1 695 easy_over.png 18/11/2005 09:43 2 882 endlessshift.png 18/11/2005 09:43 2 886 endlessshift_over.png 18/11/2005 09:43 2 525 hard.png 18/11/2005 09:43 1 780 hard_over.png 18/11/2005 09:43 1 397 help.png 18/11/2005 09:43 1 395 help_over.png 18/11/2005 09:43 2 871 highscores.png 18/11/2005 09:43 2 871 highscores_over.png 18/11/2005 09:43 1 492 instructions_blue.png 18/11/2005 09:43 1 487 instructions_yellow.png 18/11/2005 09:43 1 491 letsplay.png 18/11/2005 09:43 1 491 letsplayover.png 18/11/2005 09:43 2 934 medium.png 18/11/2005 09:43 1 972 medium_over.png 18/11/2005 09:43 2 909 moreinfo.png 18/11/2005 09:43 2 903 moreinfoup.png 18/11/2005 09:43 580 off.png 18/11/2005 09:43 580 off_on.png 18/11/2005 09:43 505 on.png 18/11/2005 09:43 504 on_on.png 18/11/2005 09:43 827 pause.png 18/11/2005 09:43 843 pauseover.png 18/11/2005 09:43 2 835 quit.png 18/11/2005 09:43 3 776 quitgame.png 18/11/2005 09:43 3 122 quitgameover.png 18/11/2005 09:43 2 866 quitover.png 18/11/2005 09:43 3 762 resumegame.png 18/11/2005 09:43 3 196 resumegameover.png 18/11/2005 09:43 2 812 submit.png 18/11/2005 09:43 2 737 submitup.png 18/11/2005 09:43 3 175 tryagain.png 18/11/2005 09:43 3 244 tryagainover.png 18/11/2005 09:43 4 392 upgrade_over.png 18/11/2005 09:43 4 429 upgrade_up.png 18/11/2005 09:43 4 235 viewglobal.png 18/11/2005 09:43 4 219 viewglobalup.png 18/11/2005 09:43 3 710 viewhighscore.png 18/11/2005 09:43 3 250 viewhighscoreon.png 18/11/2005 09:43 4 189 viewlocal.png 18/11/2005 09:43 4 173 viewlocalup.png 64 fichier(s) 150 802 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\comics 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 31 920 webcomic.jpg 1 fichier(s) 31 920 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 33 657 career.xml 18/11/2005 09:43 11 169 customer.xml 18/11/2005 09:43 17 741 endless.xml 18/11/2005 09:43 621 global.xml 18/11/2005 09:43 3 137 powerups.xml 5 fichier(s) 66 325 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 6 690 cook.png 18/11/2005 09:43 3 091 cook.xml 18/11/2005 09:43 228 stove.png 3 fichier(s) 10 009 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 773 arrow.png 18/11/2005 09:43 2 028 click.png 18/11/2005 09:43 1 926 click2.png 18/11/2005 09:43 1 726 grab.png 18/11/2005 09:43 2 274 open.png 5 fichier(s) 9 727 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 21 613 idle.png 18/11/2005 09:43 2 752 idle.xml 18/11/2005 09:43 6 943 lower.png 18/11/2005 09:43 2 177 lower.xml 18/11/2005 09:43 16 974 upper.png 18/11/2005 09:43 6 892 upper.xml 6 fichier(s) 57 351 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 36 107 arial.mvec 18/11/2005 09:43 34 231 komikaaxis.mvec 2 fichier(s) 70 338 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 529 chair.png 18/11/2005 09:43 2 914 chair.xml 18/11/2005 09:43 1 512 dirt2top.png 18/11/2005 09:43 1 762 dirt4top.png 18/11/2005 09:43 11 831 dishcart.png 18/11/2005 09:43 1 455 dishcart.xml 18/11/2005 09:43 2 990 drinkstation_off.png 18/11/2005 09:43 3 248 drinkstation_on1.png 18/11/2005 09:43 2 965 drinkstation_on2.png 18/11/2005 09:43 14 012 ticketstation.png 18/11/2005 09:43 2 621 ticketstation.xml 11 fichier(s) 50 839 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 700 arrowdown.png 18/11/2005 09:43 699 arrowdownon.png 18/11/2005 09:43 684 arrowleft.png 18/11/2005 09:43 684 arrowlefton.png 18/11/2005 09:43 677 arrowright.png 18/11/2005 09:43 679 arrowrighton.png 18/11/2005 09:43 701 arrowup.png 18/11/2005 09:43 703 arrowupon.png 18/11/2005 09:43 357 p1icon.png 18/11/2005 09:43 3 844 textedit.png 18/11/2005 09:43 2 066 title.png 11 fichier(s) 11 794 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 301 endless_1_1.txt 18/11/2005 09:43 301 endless_1_1_a.txt 18/11/2005 09:43 301 endless_1_1_b.txt 18/11/2005 09:43 301 endless_1_1_c.txt 18/11/2005 09:43 301 endless_1_2.txt 18/11/2005 09:43 301 endless_1_2_a.txt 18/11/2005 09:43 313 endless_1_2_b.txt 18/11/2005 09:43 301 endless_1_2_c.txt 18/11/2005 09:43 301 endless_1_2_d.txt 18/11/2005 09:43 301 endless_1_3.txt 18/11/2005 09:43 301 endless_1_3_a.txt 18/11/2005 09:43 301 endless_1_3_b.txt 18/11/2005 09:43 301 endless_1_3_c.txt 18/11/2005 09:43 301 endless_1_3_d.txt 18/11/2005 09:43 313 fifth_level_diner.txt 18/11/2005 09:43 313 first_level_diner.txt 18/11/2005 09:43 313 fourth_level_diner.txt 18/11/2005 09:43 313 second_level_diner.txt 18 fichier(s) 5 478 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 996 tableshadow.png 14/05/2006 10:56 <REP> diner 1 fichier(s) 2 996 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 23 014 background.jpg 18/11/2005 09:43 443 upgrades.xml 14/05/2006 10:56 <REP> food 14/05/2006 10:56 <REP> frames 14/05/2006 10:56 <REP> tables 2 fichier(s) 23 457 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 3 323 food1.png 18/11/2005 09:43 679 food1.xml 18/11/2005 09:43 3 217 food2.png 18/11/2005 09:43 678 food2.xml 18/11/2005 09:43 3 263 food3.png 18/11/2005 09:43 678 food3.xml 6 fichier(s) 11 838 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 28 970 upgrade_0001.png 1 fichier(s) 28 970 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 142 2top.png 18/11/2005 09:43 1 757 2top.xml 18/11/2005 09:43 1 926 4top.png 18/11/2005 09:43 2 227 4top.xml 4 fichier(s) 8 052 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 947 choosedifficulty.lua 18/11/2005 09:43 3 861 chooseplayer.lua 18/11/2005 09:43 1 497 chooserestaurant.lua 18/11/2005 09:43 8 311 credits.lua 18/11/2005 09:43 3 992 game.lua 18/11/2005 09:43 1 300 gothighscore.lua 18/11/2005 09:43 2 500 help.lua 18/11/2005 09:43 3 381 help2.lua 18/11/2005 09:43 14 475 hiscore.lua 18/11/2005 09:43 702 hiscoreinfo.lua 18/11/2005 09:43 3 784 hiscoresubmit.lua 18/11/2005 09:43 1 582 levelintro.lua 18/11/2005 09:43 3 623 levelover.lua 18/11/2005 09:43 775 loading.lua 18/11/2005 09:43 569 mainloop.lua 18/11/2005 09:43 2 548 mainmenu.lua 18/11/2005 09:43 836 ok.lua 18/11/2005 09:43 2 057 pause.lua 18/11/2005 09:43 1 323 style.lua 18/11/2005 09:43 1 521 tutorialintro.lua 18/11/2005 09:43 2 754 upgrade.lua 18/11/2005 09:43 943 upsell.lua 18/11/2005 09:43 2 202 webcomic.lua 18/11/2005 09:43 1 516 yesno.lua 24 fichier(s) 67 999 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 7 639 gamelabsplash.jpg 18/11/2005 09:43 21 506 playfirst_logo.jpg 2 fichier(s) 29 145 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 3 181 angersmoke.png 18/11/2005 09:43 1 179 angersmoke.xml 18/11/2005 09:43 2 098 chairflags.png 18/11/2005 09:43 1 884 chairflags.xml 18/11/2005 09:43 1 641 check.png 18/11/2005 09:43 335 checkmark.png 18/11/2005 09:43 9 739 clock.png 18/11/2005 09:43 3 021 closed.png 18/11/2005 09:43 5 511 closingtime.png 18/11/2005 09:43 2 511 coinflip.png 18/11/2005 09:43 1 146 coinflip.xml 18/11/2005 09:43 1 182 dollar.png 18/11/2005 09:43 6 341 expert.png 18/11/2005 09:43 3 910 expertscore.png 18/11/2005 09:43 5 463 foodpoof.png 18/11/2005 09:43 640 foodpoof.xml 18/11/2005 09:43 2 676 fork_timer.png 18/11/2005 09:43 2 680 goalcompleted.png 18/11/2005 09:43 2 013 heartgrow.png 18/11/2005 09:43 1 117 heartgrow.xml 18/11/2005 09:43 18 939 jar.png 18/11/2005 09:43 941 jar.xml 18/11/2005 09:43 10 376 level.png 18/11/2005 09:43 4 276 level_career.png 18/11/2005 09:43 8 910 score.png 18/11/2005 09:43 697 sound.png 18/11/2005 09:43 862 staroff.png 18/11/2005 09:43 1 830 staron.png 18/11/2005 09:43 2 187 tablenumber.png 18/11/2005 09:43 2 303 tablenumberup.png 18/11/2005 09:43 419 traynumber.png 18/11/2005 09:43 1 014 tutorialarrow.png 18/11/2005 09:43 1 880 tutorialbox.png 18/11/2005 09:43 6 924 tutorial_character.png 18/11/2005 09:43 11 027 upgradeanim.png 18/11/2005 09:43 1 457 upgradeanim.xml 14/05/2006 10:56 <REP> doodles 14/05/2006 10:56 <REP> upgrades 36 fichier(s) 132 310 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 155 coffee.png 18/11/2005 09:43 3 960 tables.png 18/11/2005 09:43 2 928 wallpaper.png 3 fichier(s) 12 043 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 301 drinks.png 18/11/2005 09:43 4 505 maitred.png 18/11/2005 09:43 3 783 oven.png 18/11/2005 09:43 4 177 select.png 18/11/2005 09:43 2 482 shoes.png 18/11/2005 09:43 4 267 stereo.png 18/11/2005 09:43 3 924 table.png 7 fichier(s) 25 439 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 14/05/2006 10:56 <REP> music 14/05/2006 10:56 <REP> sfx 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\music 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 55 809 mainmenumusic.ogg 1 fichier(s) 55 809 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 299 sfx_bring_check_1_snd.ogg 18/11/2005 09:43 3 602 sfx_deliver_food_1_snd.ogg 18/11/2005 09:43 5 560 sfx_deliver_order_1_snd.ogg 18/11/2005 09:43 9 248 sfx_diner.ogg 18/11/2005 09:43 3 906 sfx_dish_dropoff_1_snd.ogg 18/11/2005 09:43 3 932 sfx_food_ready_1_snd.ogg 18/11/2005 09:43 3 650 sfx_gain_heart_1.ogg 18/11/2005 09:43 14 169 sfx_get_drinks_1_snd.ogg 18/11/2005 09:43 6 727 sfx_party_arrive_1_snd.ogg 18/11/2005 09:43 4 861 sfx_pencil_write_2.ogg 18/11/2005 09:43 4 413 sfx_pickup_food_1_snd.ogg 18/11/2005 09:43 2 868 sfx_rollover_1.ogg 18/11/2005 09:43 4 862 sfx_seat_people_snd.ogg 13 fichier(s) 73 097 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 14/05/2006 10:56 <REP> old_male 14/05/2006 10:56 <REP> young_female 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 13 644 anim.xml 14/05/2006 10:56 <REP> blue 14/05/2006 10:56 <REP> green 14/05/2006 10:56 <REP> purple 14/05/2006 10:56 <REP> red 14/05/2006 10:56 <REP> yellow 1 fichier(s) 13 644 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 880 anim.png 18/11/2005 09:43 1 479 anim.xml 18/11/2005 09:43 678 sit_legs.png 3 fichier(s) 17 037 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 567 anim.png 18/11/2005 09:43 1 481 anim.xml 18/11/2005 09:43 626 sit_legs.png 3 fichier(s) 16 674 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 859 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 640 sit_legs.png 3 fichier(s) 16 982 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 840 anim.png 18/11/2005 09:43 1 477 anim.xml 18/11/2005 09:43 649 sit_legs.png 3 fichier(s) 16 966 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 982 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 786 sit_legs.png 3 fichier(s) 17 251 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 13 571 anim.xml 14/05/2006 10:56 <REP> blue 14/05/2006 10:56 <REP> green 14/05/2006 10:56 <REP> purple 14/05/2006 10:56 <REP> red 14/05/2006 10:56 <REP> yellow 1 fichier(s) 13 571 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 922 anim.png 18/11/2005 09:43 1 485 anim.xml 18/11/2005 09:43 476 sit_legs.png 3 fichier(s) 13 883 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 759 anim.png 18/11/2005 09:43 1 487 anim.xml 18/11/2005 09:43 448 sit_legs.png 3 fichier(s) 13 694 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 875 anim.png 18/11/2005 09:43 1 489 anim.xml 18/11/2005 09:43 475 sit_legs.png 3 fichier(s) 13 839 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 584 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 466 sit_legs.png 3 fichier(s) 13 533 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 12 011 anim.png 18/11/2005 09:43 1 489 anim.xml 18/11/2005 09:43 483 sit_legs.png 3 fichier(s) 13 983 octets Total des fichiers listés : 330 fichier(s) 23 559 412 octets 122 Rép(s) 156 305 883 136 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Liste des programmes installes 105462 Unistall 61478 Unistall 802.11 USB Wireless LAN Adapter Adobe Acrobat 5.0 Adobe Acrobat Reader 3.01 Adobe Flash Player 9 ActiveX Adobe Reader 6.0.1 Adobe Shockwave Player Adobe Type Manager 4.0 Agere Systems PCI Soft Modem ArcSoft Multimedia Email ATI Display Driver avast! Antivirus Barre d'outils MSN Big Fish Games Toolbar Camera Support Core Library Canon Camera Support Core Library Codeur Windows Media Série 9 Codeur Windows Media Série 9 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB891781 COSMOPOLITAN Virtual Look 2 Creative WebCam Center Creative WebCam Vista Plus Driver (1.02.02.0414) eMule eMule0.47a MorphXT 8.1 ENPC PersoTEST EPSON Logiciel imprimante EPSON PhotoQuicker3.5 EPSON TWAIN 5 EPSON Web-To-Page ESC66 Guide de référence ESC66 Guide des logiciels GalleryPlayer Images GamesBar 1.0.0.9 Gestionnaire Internet Google Toolbar for Firefox High Definition Audio Driver Package - KB835221 High Definition Audio Driver Package - KB888111 HijackThis 1.99.1 Installer Yahoo! Messenger J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_05 Jeux Classiques Lecteur Windows Media 11 Les Sims 2 LFP Manager 06 Macromedia Flash Player Messenger Plus! Live Micro Application - Scrapbook Edition Spéciale Microsoft Office XP Professional avec FrontPage Microsoft Publisher 2002 Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Microsoft XML Parser MSN Navigateur Orange NTI Backup NOW! 3 NTI Backup NOW! 3 NTI CD & DVD-Maker NTI CD & DVD-Maker Gold Picasa 2 PowerDVD Print@Fujicolor QuickTime QuickTime Realtek High Definition Audio Driver SAMSUNG CDMA Modem Driver Set SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio Samsung PC Studio Samsung PC Studio 3 USB Driver Installer Samsung Samples Installer Sandlot Games Client Services ScanToWeb SimCity 3000 Tap'Touche 4 tomb TomTom HOME Ulead Photo Express 4.0 My Custom Edition Usb disk Driver Vodafone 804SS USB driver Software Wanadoo Messager WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Yahoo! Toolbar Yahoo! Toolbar avec bloqueur de fenêtres pop-up Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files 22/03/2005 14:15 <REP> . 22/03/2005 14:15 <REP> .. 22/03/2005 14:21 <REP> Adobe 08/12/2005 10:14 <REP> Adobe Type Manager 08/12/2005 10:17 <REP> Alwil Software 24/02/2006 18:10 <REP> ArcSoft 10/03/2006 14:14 <REP> AVSMedia 20/02/2007 17:54 <REP> BFG 20/02/2007 17:56 <REP> bfgtoolbar 18/02/2007 18:40 <REP> Boonty 18/02/2007 18:40 <REP> BoontyGames 25/12/2006 21:23 <REP> Canon 31/01/2007 22:44 <REP> ColiPoste 22/03/2005 14:19 <REP> ComPlus Applications 24/02/2006 18:07 <REP> Creative 22/03/2005 14:31 <REP> CyberLink 23/11/2005 17:55 <REP> EA GAMES 23/11/2005 16:37 <REP> EA SPORTS 23/01/2007 16:09 <REP> eMule 26/01/2007 16:21 6 596 038 emule0.47a.morphxt_8_1_installer.exe 07/02/2006 17:18 <REP> ENPC_PersoTEST1 06/12/2005 14:53 <REP> EPSON 22/03/2005 14:15 <REP> Fichiers communs 24/11/2005 13:33 <REP> Fujifilm 04/05/2006 21:58 <REP> Google 18/01/2007 18:14 <REP> Grisoft 17/01/2007 22:47 <REP> HijackThis 17/02/2007 15:05 <REP> Ihsv 22/03/2005 14:26 <REP> Intel 22/03/2005 14:19 <REP> Internet Explorer 06/03/2006 11:45 <REP> Inventel 28/08/2006 16:30 <REP> iWin 22/03/2005 14:27 <REP> Java 18/03/2006 13:45 <REP> Jeux classiques 27/12/2006 10:22 <REP> Lavasoft 12/07/2006 19:23 <REP> Maxis 22/03/2005 14:18 <REP> Messenger 24/12/2006 10:47 <REP> Messenger Plus! Live 09/01/2006 16:20 <REP> Micro Application 22/03/2005 14:22 <REP> microsoft frontpage 08/12/2005 10:04 <REP> Microsoft Office 08/12/2005 10:05 <REP> Microsoft Visual Studio 22/03/2005 14:19 <REP> Movie Maker 22/03/2005 14:18 <REP> MSN 25/02/2006 22:01 <REP> MSN Apps 07/06/2006 11:50 <REP> MSN Games 22/03/2005 14:18 <REP> MSN Gaming Zone 25/10/2006 22:57 <REP> MSN Messenger 22/03/2005 14:19 <REP> NetMeeting 22/03/2005 14:33 <REP> NewTech Infosystems 22/03/2005 14:19 <REP> Online Services 22/07/2006 15:17 <REP> orange 22/03/2005 14:19 <REP> Outlook Express 08/12/2005 10:13 <REP> PhotoDeluxe EE 1.0 23/01/2007 21:22 <REP> Picasa2 10/03/2006 11:54 <REP> QuickTime 27/06/2006 19:32 <REP> Real 22/03/2005 14:26 <REP> Realtek 27/06/2006 19:32 774 144 RngInterstitial.dll 01/02/2007 16:30 <REP> Samsung 28/07/2006 15:07 <REP> Securitoo 22/03/2005 14:20 <REP> Services en ligne 17/01/2007 19:05 <REP> Spyware Doctor 22/03/2005 14:28 <REP> Symantec 31/08/2006 21:14 <REP> Tap'Touche 4 25/03/2007 11:01 <REP> TomTom HOME 24/02/2006 18:09 <REP> Ulead Systems 05/11/2006 21:39 <REP> Virtools Web Player 3.5 17/04/2007 18:49 <REP> Virtual Look 2 06/07/2006 18:58 <REP> Wanadoo 06/07/2006 18:58 <REP> Wanadoo Messager 03/01/2007 12:01 <REP> Windows Media Components 22/03/2005 14:19 <REP> Windows Media Player 22/03/2005 14:18 <REP> Windows NT 17/01/2007 18:31 <REP> Winsos 22/03/2005 14:22 <REP> xerox 29/03/2006 23:26 <REP> Yahoo! 06/12/2006 20:58 <REP> Zylom Games 2 fichier(s) 7 370 182 octets 76 Rép(s) 156 303 654 912 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files\fichiers communs 22/03/2005 14:15 <REP> . 22/03/2005 14:15 <REP> .. 22/03/2005 14:15 <REP> Microsoft Shared 22/03/2005 14:15 <REP> SpeechEngines 22/03/2005 14:15 <REP> ODBC 22/03/2005 14:19 <REP> System 22/03/2005 14:19 <REP> MSSoap 22/03/2005 14:19 <REP> Services 22/03/2005 14:25 <REP> InstallShield 22/03/2005 14:27 <REP> Java 22/03/2005 14:29 <REP> Symantec Shared 04/12/2005 11:12 <REP> Adobe 08/12/2005 10:05 <REP> Designer 09/01/2006 16:20 <REP> Micro Application Shared 31/07/2006 14:00 278 528 FDEUnInstaller.exe 10/03/2006 14:14 <REP> AVSMedia 18/03/2006 13:45 <REP> Wise Installation Wizard 30/03/2006 21:22 <REP> Sandlot Shared 27/06/2006 19:32 <REP> Real 03/01/2007 11:40 <REP> MAGIX Shared 18/02/2007 18:41 <REP> BOONTY Shared 1 fichier(s) 278 528 octets 20 Rép(s) 156 303 654 912 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 22/03/2005 14:25 <REP> . 22/03/2005 14:25 <REP> .. 07/03/2001 07:00 127 033 MSOWS40c.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 13/02/2001 08:23 58 784 MSOSV.DLL 08/12/2005 10:05 <REP> 1036 08/12/2005 10:05 <REP> 1033 15/02/2001 05:45 1 318 912 MSONSEXT.DLL 22/01/2001 03:25 86 016 PKMWS.DLL 22/01/2001 03:25 24 576 PKMTRACE.DLL 06/08/2000 09:04 401 462 MSVCP60.DLL 22/01/2001 03:25 69 632 PKMAXCTL.DLL 22/01/2001 03:25 872 448 PKMCDO.DLL 22/01/2001 03:25 159 744 PKMCORE.DLL 07/02/2001 09:59 106 496 PKMFORMS.DLL 12/02/2001 04:03 684 032 PKMRES.DLL 22/01/2001 03:25 28 672 PKMSSTLB.DLL 22/01/2001 03:25 40 960 PKMTEMPL.DLL 22/01/2001 03:25 237 568 PROMDEMO.DLL 22/01/2001 03:25 184 320 SECMGR.DLL 22/01/2001 03:25 323 584 VAIDDMGR.DLL 22/01/2001 03:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 156 303 654 912 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\ 18/01/2007 23:19 126 976 zip.exe 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 24/05/2001 12:59 162 304 UNWISE.EXE 4 fichier(s) 460 800 octets 0 Rép(s) 156 303 654 912 octets libres c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\Setup.exe c:\Documents and Settings\marion\Local Settings\Temp\Install_Messenger.exe c:\Documents and Settings\marion\Local Settings\Temp\Répertoire temporaire 1 pour killbox.zip\KillBox.exe c:\Documents and Settings\marion\Mes documents\msgpluslive-411.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\fixwareout.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\sdfix.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\dumphive.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\HostsChk.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\Process.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\Reboot.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\restart.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swreg.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swsc.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swxcacls.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\unzip.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\clean\clean\pskill.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\killbox\KillBox.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\catchme.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\diff.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\dumphive.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\Fport.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\grep.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\LFiles.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\pslist.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\streams.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\swreg.exe c:\Documents and Settings\marion\Mes documents\marion\install_messenger.exe c:\Documents and Settings\marion\Mes documents\marion\wmencoder.exe c:\Documents and Settings\marion\Bureau\emule0.47c-installer.exe c:\Documents and Settings\marion\Bureau\picasaweb-current-setup.exe c:\Documents and Settings\marion\Application Data\MSNInstaller\msnauins.exe c:\Documents and Settings\marion\Application Data\WholeSecurity\CAT\WSUIEE.exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\OPW9P26M\zaasSetup_65_737_000_fr[1].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\zgame4[1].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\zgame4[2].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\ztool4[1].exe c:\Documents and Settings\guillaume\Mes documents\louvetain\rustbfix.exe c:\Documents and Settings\guillaume\Mes documents\louvetain\SDFix.exe c:\Documents and Settings\guillaume\Mes documents\louvetain\zaasSetup_65_737_000_fr.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\ATR1.EXE c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\DH2005.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\DH2005Patch1_2.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\TrophyViewer.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\unins000.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\uninspro.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\WebLauncher.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\instmsia.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\instmsiw.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\setup.exe c:\Documents and Settings\guillaume\Bureau\clean\pskill.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\dumphive.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\Process.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\Reboot.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\restart.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swreg.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swsc.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swxcacls.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\unzip.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\MyZylomExtension\MyZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomExtension\ZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\delicious.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Babel\fr-FR\babel.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Babel\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\_Setup.dll c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\_Setupx.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\marion\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVIP}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{0000278T-TT9K-T8DU-1KFV-23O5NTEJMVU6}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VVA}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VU0}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-83VE-238SHC0H2VVH}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG3-USK1-22JKKIT3EVV2}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-IB2C-219EDFQMGVVA}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{002AVPFP-JHLQ-ABE3-SM6K-20DE4GEHCVVJ}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVKO}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG5-V0BI-21QH2RV14VVR}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG6-LH31-23G9CBQV6VUC}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG2-LS5J-229F8D9V0VVC}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG2-FTST-22EV6QAI2VV1}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG7-9568-243JELPN2VVD}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
-
Voici le rapport diaghelp: C:\WINDOWS\System32/drivers\gmer.sys -->21/01/2007 21:34:22 C:\WINDOWS\System32/drivers\aswRdr.sys -->15/01/2007 18:26:08 C:\WINDOWS\System32/drivers\aswTdi.sys -->15/01/2007 18:25:24 C:\WINDOWS\System32/drivers\aswmon.sys -->21/12/2006 00:56:14 C:\WINDOWS\System32/drivers\aswmon2.sys -->21/12/2006 00:56:00 C:\WINDOWS\System32/drivers\aavmker4.sys -->21/12/2006 00:51:58 C:\WINDOWS\System32/drivers\tcpip.sys -->12/12/2006 23:59:32 C:\WINDOWS\System32\AdobeFnt.lst -->17/04/2007 17:00:54 C:\WINDOWS\System32\tmp.txt -->17/04/2007 15:24:40 C:\WINDOWS\System32\tmp.reg -->17/04/2007 15:24:40 C:\WINDOWS\System32\vexg3am1et3.exe -->17/04/2007 14:27:10 C:\WINDOWS\System32\vexg4am1et2.exe -->17/04/2007 14:27:10 C:\WINDOWS\System32\cent.exe -->17/04/2007 08:29:28 C:\WINDOWS\System32\wpa.dbl -->17/04/2007 08:11:12 C:\WINDOWS\System32\FNTCACHE.DAT -->02/04/2007 19:07:54 C:\WINDOWS\System32\cszgj.exe -->12/03/2007 09:05:36 C:\WINDOWS\System32\PCANDIS5.sys -->23/01/2007 15:25:50 C:\WINDOWS\System32\W32N50.dll -->23/01/2007 15:25:50 C:\WINDOWS\System32\tmp9AF84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpB7F84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpC4F84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpD1F84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpEEE84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\zllictbl.dat -->21/01/2007 22:43:48 C:\WINDOWS\System32\ikhcore.log -->17/01/2007 20:48:06 C:\WINDOWS\System32\CONFIG.NT -->17/01/2007 17:36:22 C:\WINDOWS\System32\dip.exe -->17/01/2007 15:34:36 C:\WINDOWS\System32\aswBoot.exe -->15/01/2007 18:32:08 C:\WINDOWS\System32\AVASTSS.scr -->15/01/2007 18:23:20 C:\WINDOWS\System32\LegitCheckControl.DLL -->12/12/2006 10:45:04 C:\WINDOWS\System32\swxcacls.exe -->01/12/2006 05:20:34 C:\WINDOWS\System32\pxhpinst.exe -->27/09/2006 22:53:24 C:\WINDOWS.log -->17/04/2007 18:40:52 C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt -->17/04/2007 18:40:50 C:\WINDOWS\wiadebug.log -->17/04/2007 18:40:48 C:\WINDOWS\bootstat.dat -->17/04/2007 18:40:34 C:\WINDOWS\SchedLgU.Txt -->17/04/2007 18:40:04 C:\WINDOWS\WindowsUpdate.log -->17/04/2007 18:40:04 C:\WINDOWS\wiaservc.log -->17/04/2007 18:40:04 C:\WINDOWS\setupact.log -->17/04/2007 15:26:10 C:\WINDOWS\updater.exe.bin -->17/04/2007 08:11:56 C:\WINDOWS\wmsetup.log -->11/04/2007 12:06:52 C:\WINDOWS\updater.exe.tmp -->11/04/2007 11:55:10 C:\WINDOWS\NAVIGMA.INI -->05/04/2007 21:24:34 C:\WINDOWS\EPISMF00.SWB -->02/04/2007 19:40:14 C:\WINDOWS\setupapi.log -->02/04/2007 18:25:06 C:\WINDOWS\win.ini -->20/03/2007 21:16:26 C:\WINDOWS\twunk_16.exe |01/01/1980 00:00:00 C:\WINDOWS\twunk_32.exe |01/01/1980 00:00:00 C:\WINDOWS\SETR.EXE |01/01/1980 00:00:00 C:\WINDOWS\AMOVE.EXE |01/01/1980 00:00:00 C:\WINDOWS\ALAUNCH.EXE |01/01/1980 00:00:00 C:\WINDOWS\EHIB.EXE |01/01/1980 00:00:00 C:\WINDOWS\GalleryPlayer Images Uninstaller.exe |03/10/2005 19:40:02 C:\WINDOWS\gmer.exe |21/01/2007 21:34:21 C:\WINDOWS\uninst.exe |06/01/2007 14:48:06 C:\WINDOWS\IsUninst.exe |06/01/2007 14:52:23 C:\WINDOWS\unvise32.exe |25/03/2007 11:01:47 C:\WINDOWS\AGRSMMSG.exe |01/01/1980 00:00:00 C:\WINDOWS\agrsmdel.exe |01/01/1980 00:00:00 C:\WINDOWS\SoundMan.exe |22/03/2005 14:26:50 C:\WINDOWS\RTHDCPL.EXE |22/03/2005 14:26:50 C:\WINDOWS\RTLCPL.EXE |22/03/2005 14:26:49 C:\WINDOWS\ALCWZRD.EXE |22/03/2005 14:26:50 C:\WINDOWS\unin040c.exe |08/12/2005 10:12:00 C:\WINDOWS\CtDrvIns.exe |24/02/2006 18:11:52 C:\WINDOWS\V0090Cfg.exe |24/02/2006 18:11:52 C:\WINDOWS\Ctregrun.exe |24/02/2006 18:12:30 C:\WINDOWS\IsUn040c.exe |11/02/2006 14:28:33 C:\WINDOWS\twain.dll |01/01/1980 00:00:00 C:\WINDOWS\twain_32.dll |01/01/1980 00:00:00 C:\WINDOWS\sysgtime.dll |07/01/2000 01:00:00 C:\WINDOWS\gmer.dll |21/01/2007 21:34:21 C:\WINDOWS\RtlExUpd.dll |03/04/2005 02:24:24 C:\WINDOWS\kpapi32.dll |08/12/2005 10:13:17 C:\WINDOWS\kpcp32.dll |08/12/2005 10:13:17 C:\WINDOWS\kpsys32.dll |08/12/2005 10:13:17 C:\WINDOWS\Sprof32.dll |08/12/2005 10:13:17 C:\WINDOWS\pcdlib32.dll |08/12/2005 10:13:17 C:\WINDOWS\system32\append.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\debug.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 17:47:34 C:\WINDOWS\system32\edlin.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\exe2bin.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\fastopen.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mem.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mscdexnt.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\nlsfunc.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\setver.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\share.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\java.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\dosx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\redir.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\FTRTSVC.exe |23/01/2007 16:01:55 C:\WINDOWS\system32\javaw.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\aswBoot.exe |08/12/2005 10:17:54 C:\WINDOWS\system32\javaws.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\ASPTV.EXE |01/01/1980 00:00:00 C:\WINDOWS\system32\ASPFM.EXE |01/01/1980 00:00:00 C:\WINDOWS\system32\swreg.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\swsc.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\dumphive.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\swxcacls.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\pxhpinst.exe |23/01/2007 21:22:34 C:\WINDOWS\system32\fslfd.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\yenjm.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\dip.exe |17/01/2007 15:34:34 C:\WINDOWS\system32\aoiqd.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\arlnl.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ilpjc.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\cesoa.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\bydyf.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\cszgj.exe |21/03/2007 18:02:43 C:\WINDOWS\system32\vixwj.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\uhewj.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\smyun.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\vdbne.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\cspqa.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mrkyl.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\phvqm.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\jcfaz.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\zfqis.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\cent.exe |17/04/2007 08:29:25 C:\WINDOWS\system32\Hdaudpropshortcut.exe |17/03/2004 15:10:40 C:\WINDOWS\system32\Process.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\SrchSTS.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\creLink.exe |22/03/2005 14:34:45 C:\WINDOWS\system32\CreMan.exe |22/03/2005 14:35:01 C:\WINDOWS\system32\Ati2mdxx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2evxx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ChCfg.exe |03/04/2005 02:24:28 C:\WINDOWS\system32\HdAShCut.exe |07/01/2005 17:07:16 C:\WINDOWS\system32\MaggiUninstall60.exe |06/01/2007 14:48:19 C:\WINDOWS\system32\TVIcon.exe |23/11/2005 16:22:42 C:\WINDOWS\system32\vexg4am1et2.exe |11/04/2007 11:53:42 C:\WINDOWS\system32\vexg3am1et3.exe |17/04/2007 08:29:36 C:\WINDOWS\system32\V0090Srv.exe |24/02/2006 18:11:52 C:\WINDOWS\system32\unwlsdrv.exe |06/01/2005 15:04:00 C:\WINDOWS\system32\ir32_32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgaw400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgdw400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgmd400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgpl400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgsd400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgsh400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 17:47:06 C:\WINDOWS\system32\msencode.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbrccsp.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\spnike.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\tsd32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\win87em.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\paqsp.dll |23/08/2001 17:47:16 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\amstream.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atmfd.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atmlib.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\compatUI.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\encdec.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\iccvid.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ieencode.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\msdmo.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\qedwipes.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\sbe.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbcsp.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbiop.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir41_qc.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir41_qcx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_qc.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_qcx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ltkrn13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\EqnClass.Dll |22/03/2005 14:15:29 C:\WINDOWS\system32\spxcoins.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\dgsetup.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\dgrpsetu.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\ltfil13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltdis13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltimg13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfbmp13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfcmp13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltefx13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfgif13n.dll |22/08/2006 17:54:52 C:\WINDOWS\system32\lame_enc.dll |11/04/2000 20:44:56 C:\WINDOWS\system32\epcomdd.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\ESDTR.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\ESICM.dll |29/11/2006 16:27:35 C:\WINDOWS\system32\esccm.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\esccmd.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\esccmn.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimg.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimgd.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimgn.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwiab.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwiad.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwian.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\px.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\pxmas.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\pxwave.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\vxblock.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\pxdrv.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\mgxoschk.dll |03/01/2007 11:39:29 C:\WINDOWS\system32\INETWH32.dll |03/01/2007 11:39:50 C:\WINDOWS\system32\ROBOEX32.DLL |24/02/2006 18:09:53 C:\WINDOWS\system32\SHW32.DLL |27/03/2007 21:38:32 C:\WINDOWS\system32\hticons.dll |22/03/2005 14:18:52 C:\WINDOWS\system32\Hdaudprop.dll |17/03/2004 15:10:40 C:\WINDOWS\system32\isrdbg32.dll |22/03/2005 14:19:50 C:\WINDOWS\system32\Hdaudpropres.dll |18/03/2004 17:18:08 C:\WINDOWS\system32\NTICDMK32.dll |22/03/2005 14:33:49 C:\WINDOWS\system32\NTIMPEG2.dll |22/03/2005 14:33:49 C:\WINDOWS\system32\multiplex_vcd.dll |26/12/2001 16:12:30 C:\WINDOWS\system32\Hmpg12.dll |03/09/2001 23:46:38 C:\WINDOWS\system32\HMPV2_ENC.dll |30/07/2001 16:33:56 C:\WINDOWS\system32\HMPV2_ENC_MMX.dll |23/07/2001 22:04:36 C:\WINDOWS\system32\vboxs430.dll |12/09/2000 20:24:29 C:\WINDOWS\system32\ntiembed.dll |22/03/2005 14:34:20 C:\WINDOWS\system32\ati2dvag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2cqag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati3duag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ativvaxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ATIDDC.DLL |01/01/1980 00:00:00 C:\WINDOWS\system32\atitvo32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ativcoxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2evxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atipdlxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\Oemdspif.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2edxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ATIDEMGR.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atioglxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atiiiexx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\Esint23.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\Esintpl.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\Epfb5cpl.dll |29/11/2006 16:27:36 C:\WINDOWS\system32\HdAProp.dll |07/01/2005 17:07:16 C:\WINDOWS\system32\HdAudRes.dll |07/01/2005 17:07:04 C:\WINDOWS\system32\HtmlWH.dll |03/01/2007 11:39:49 C:\WINDOWS\system32\IfHelper.dll |23/01/2007 16:01:55 C:\WINDOWS\system32\RtlCPAPI.dll |22/03/2005 14:26:49 C:\WINDOWS\system32\vp6vfw.dll |23/11/2005 17:55:34 C:\WINDOWS\system32\fun_avcodec.dll |01/02/2007 16:30:54 C:\WINDOWS\system32\EBPMON24.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\ECBTEG.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\EBPCHP.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\E_DCINST.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\Epcmlib.dll |06/12/2005 14:54:51 C:\WINDOWS\system32\PCDLIB32.DLL |09/12/1998 02:53:58 C:\WINDOWS\system32\cppenv25.dll |08/12/2005 10:13:15 C:\WINDOWS\system32\EZIMG25.dll |08/12/2005 10:13:16 C:\WINDOWS\system32\WINSIZE.DLL |08/12/2005 10:13:16 C:\WINDOWS\system32\Snap32n.dll |08/12/2005 10:13:17 C:\WINDOWS\system32\MSVCRT10.DLL |08/12/2005 10:13:17 C:\WINDOWS\system32\ATMDRVR.DLL |08/12/2005 10:14:25 C:\WINDOWS\system32\fun_mp4_dec.dll |01/02/2007 16:30:55 C:\WINDOWS\system32\fun_mp4_enc.dll |01/02/2007 16:30:55 C:\WINDOWS\system32\WooDial2000.dll |24/02/2006 17:42:20 C:\WINDOWS\system32\rnaph.dll |24/02/2006 17:42:13 C:\WINDOWS\system32\CtCamMgr.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\CtRegApp.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Hwx.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Pin.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Sti.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Vfw.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\hypertrm.dll |22/03/2005 14:18:48 C:\WINDOWS\system32\W32N50.dll |06/03/2006 11:22:41 C:\WINDOWS\system32\ffJmpWeb.dll |06/03/2006 11:38:09 C:\WINDOWS\system32\mcdvd_32.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\divx.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\xvidcore.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\xvidvfw.dll |10/03/2006 14:14:45 Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\system 23/08/2001 05:00 9 728 regsvr32.exe 1 fichier(s) 9 728 octets 0 Rép(s) 156 296 183 808 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\system32 05/08/2004 05:00 6 144 csrss.exe 12/03/2007 09:05 52 759 cszgj.exe 05/08/2004 05:00 34 827 cspqa.exe 3 fichier(s) 93 730 octets 0 Rép(s) 156 296 183 808 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\Downloaded Program Files 22/03/2005 14:20 <REP> . 22/03/2005 14:20 <REP> .. 22/03/2005 14:20 65 desktop.ini 10/11/2005 14:05 876 jinstall-1_5_0_06.inf 14/05/2006 10:56 <REP> DinerDash.1.0.0.58 03/06/2002 17:53 144 QTPlugin.inf 19/06/2002 14:11 117 088 PURen-us.dll 15/10/2004 07:59 110 592 PURfr-xx.dll 25/06/2006 12:50 1 793 erma.inf 26/05/2005 04:19 293 muweb.inf 20/06/2006 15:44 379 704 MsnPUpld.dll 19/06/2006 14:40 393 MsnPUpld.inf 20/12/2006 01:00 124 584 naveng32.dll 20/12/2006 01:00 882 344 navex32a.dll 20/12/2006 01:00 2 504 catalog.dat 20/12/2006 01:00 272 040 ecmsvr32.dll 20/12/2006 01:00 6 899 ecbootil.vxd 20/12/2006 01:00 32 virscant.dat 20/12/2006 01:00 974 242 virscan1.dat 20/12/2006 01:00 569 910 virscan2.dat 20/12/2006 01:00 147 296 virscan3.dat 20/12/2006 01:00 320 186 virscan4.dat 20/12/2006 01:00 3 086 703 virscan5.dat 20/12/2006 01:00 390 030 virscan6.dat 20/12/2006 01:00 5 396 298 virscan7.dat 20/12/2006 01:00 1 650 979 virscan8.dat 20/12/2006 01:00 3 940 959 virscan9.dat 20/12/2006 01:00 224 zdone.dat 20/12/2006 01:00 106 244 virscan.inf 20/12/2006 01:00 97 696 scrauth.dat 20/12/2006 01:00 453 tinf.dat 20/12/2006 01:00 148 tinfidx.dat 20/12/2006 01:00 1 957 tinfl.dat 20/12/2006 01:00 64 048 tscan1.dat 20/12/2006 01:00 3 072 tscan1hd.dat 20/12/2006 01:00 1 061 symaveng.inf 20/12/2006 01:00 9 237 symaveng.cat 20/12/2006 01:00 187 543 tcdefs.dat 20/12/2006 01:00 1 172 076 tcscan7.dat 20/12/2006 01:00 323 242 tcscan8.dat 20/12/2006 01:00 728 804 tcscan9.dat 20/12/2006 01:00 4 778 v.grd 20/12/2006 01:00 2 261 v.sig 28/12/2006 17:58 2 072 vscanmsx.dat 09/11/2006 14:36 5 019 swflash.inf 11/12/2006 16:44 367 LegitCheckControl.inf 09/01/2007 08:30 110 592 PURfr-fr.dll 44 fichier(s) 21 196 848 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:46 995 328 dinerdash.exe 14/05/2006 10:56 <REP> assets 1 fichier(s) 995 328 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 460 playfirst_logo.png 18/11/2005 09:43 11 803 strings.xml 14/05/2006 10:56 <REP> accessories 14/05/2006 10:56 <REP> backgrounds 14/05/2006 10:56 <REP> buttons 14/05/2006 10:56 <REP> comics 14/05/2006 10:56 <REP> config 14/05/2006 10:56 <REP> cook 14/05/2006 10:56 <REP> cursor 14/05/2006 10:56 <REP> flo 14/05/2006 10:56 <REP> fonts 14/05/2006 10:56 <REP> furniture 14/05/2006 10:56 <REP> hiscore 14/05/2006 10:56 <REP> layouts 14/05/2006 10:56 <REP> restaurants 14/05/2006 10:56 <REP> scripts 14/05/2006 10:56 <REP> splash 14/05/2006 10:56 <REP> ui 14/05/2006 10:56 <REP> audio 14/05/2006 10:56 <REP> customers 2 fichier(s) 17 263 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 568 cup.png 18/11/2005 09:43 619 customer_cup.png 18/11/2005 09:43 239 heart.png 18/11/2005 09:43 927 menu_down.png 18/11/2005 09:43 1 244 menu_up.png 18/11/2005 09:43 850 plates.png 18/11/2005 09:43 741 ticket.png 18/11/2005 09:43 1 639 tray.png 8 fichier(s) 6 827 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 319 choosedifficulty.png 18/11/2005 09:43 12 316 credits.jpg 18/11/2005 09:43 12 927 flo_lose.png 18/11/2005 09:43 13 807 flo_win.png 18/11/2005 09:43 16 725 help1.jpg 18/11/2005 09:43 18 595 help2.jpg 18/11/2005 09:43 14 327 highscores.jpg 18/11/2005 09:43 14 586 levelintro.jpg 18/11/2005 09:43 2 967 levelintro_mask.png 18/11/2005 09:43 14 582 levelover.jpg 18/11/2005 09:43 3 383 levelover_mask.png 18/11/2005 09:43 43 278 mainmenu.jpg 18/11/2005 09:43 7 362 popup.jpg 18/11/2005 09:43 1 899 popup_mask.png 18/11/2005 09:43 6 010 upgradegrid.png 18/11/2005 09:43 3 218 upgradetitle.png 18/11/2005 09:43 39 050 upsell.jpg 17 fichier(s) 226 351 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 825 arrowleft_blue.png 18/11/2005 09:43 995 arrowleft_yellow.png 18/11/2005 09:43 827 arrowright_blue.png 18/11/2005 09:43 991 arrowright_yellow.png 18/11/2005 09:43 2 326 backchalk.png 18/11/2005 09:43 2 960 backchalkup.png 18/11/2005 09:43 1 420 backtomenu_blue.png 18/11/2005 09:43 1 393 backtomenu_yellow.png 18/11/2005 09:43 1 795 back_blue.png 18/11/2005 09:43 1 761 back_yellow.png 18/11/2005 09:43 2 403 cancel.png 18/11/2005 09:43 2 368 cancelup.png 18/11/2005 09:43 2 722 career.png 18/11/2005 09:43 2 714 career_over.png 18/11/2005 09:43 2 156 close.png 18/11/2005 09:43 2 223 closeup.png 18/11/2005 09:43 3 346 continue.png 18/11/2005 09:43 3 208 continueover.png 18/11/2005 09:43 1 378 credits_blue.png 18/11/2005 09:43 1 365 credits_yellow.png 18/11/2005 09:43 2 073 download_blue.png 18/11/2005 09:43 2 081 download_yellow.png 18/11/2005 09:43 2 530 easy.png 18/11/2005 09:43 1 695 easy_over.png 18/11/2005 09:43 2 882 endlessshift.png 18/11/2005 09:43 2 886 endlessshift_over.png 18/11/2005 09:43 2 525 hard.png 18/11/2005 09:43 1 780 hard_over.png 18/11/2005 09:43 1 397 help.png 18/11/2005 09:43 1 395 help_over.png 18/11/2005 09:43 2 871 highscores.png 18/11/2005 09:43 2 871 highscores_over.png 18/11/2005 09:43 1 492 instructions_blue.png 18/11/2005 09:43 1 487 instructions_yellow.png 18/11/2005 09:43 1 491 letsplay.png 18/11/2005 09:43 1 491 letsplayover.png 18/11/2005 09:43 2 934 medium.png 18/11/2005 09:43 1 972 medium_over.png 18/11/2005 09:43 2 909 moreinfo.png 18/11/2005 09:43 2 903 moreinfoup.png 18/11/2005 09:43 580 off.png 18/11/2005 09:43 580 off_on.png 18/11/2005 09:43 505 on.png 18/11/2005 09:43 504 on_on.png 18/11/2005 09:43 827 pause.png 18/11/2005 09:43 843 pauseover.png 18/11/2005 09:43 2 835 quit.png 18/11/2005 09:43 3 776 quitgame.png 18/11/2005 09:43 3 122 quitgameover.png 18/11/2005 09:43 2 866 quitover.png 18/11/2005 09:43 3 762 resumegame.png 18/11/2005 09:43 3 196 resumegameover.png 18/11/2005 09:43 2 812 submit.png 18/11/2005 09:43 2 737 submitup.png 18/11/2005 09:43 3 175 tryagain.png 18/11/2005 09:43 3 244 tryagainover.png 18/11/2005 09:43 4 392 upgrade_over.png 18/11/2005 09:43 4 429 upgrade_up.png 18/11/2005 09:43 4 235 viewglobal.png 18/11/2005 09:43 4 219 viewglobalup.png 18/11/2005 09:43 3 710 viewhighscore.png 18/11/2005 09:43 3 250 viewhighscoreon.png 18/11/2005 09:43 4 189 viewlocal.png 18/11/2005 09:43 4 173 viewlocalup.png 64 fichier(s) 150 802 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\comics 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 31 920 webcomic.jpg 1 fichier(s) 31 920 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 33 657 career.xml 18/11/2005 09:43 11 169 customer.xml 18/11/2005 09:43 17 741 endless.xml 18/11/2005 09:43 621 global.xml 18/11/2005 09:43 3 137 powerups.xml 5 fichier(s) 66 325 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 6 690 cook.png 18/11/2005 09:43 3 091 cook.xml 18/11/2005 09:43 228 stove.png 3 fichier(s) 10 009 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 773 arrow.png 18/11/2005 09:43 2 028 click.png 18/11/2005 09:43 1 926 click2.png 18/11/2005 09:43 1 726 grab.png 18/11/2005 09:43 2 274 open.png 5 fichier(s) 9 727 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 21 613 idle.png 18/11/2005 09:43 2 752 idle.xml 18/11/2005 09:43 6 943 lower.png 18/11/2005 09:43 2 177 lower.xml 18/11/2005 09:43 16 974 upper.png 18/11/2005 09:43 6 892 upper.xml 6 fichier(s) 57 351 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 36 107 arial.mvec 18/11/2005 09:43 34 231 komikaaxis.mvec 2 fichier(s) 70 338 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 529 chair.png 18/11/2005 09:43 2 914 chair.xml 18/11/2005 09:43 1 512 dirt2top.png 18/11/2005 09:43 1 762 dirt4top.png 18/11/2005 09:43 11 831 dishcart.png 18/11/2005 09:43 1 455 dishcart.xml 18/11/2005 09:43 2 990 drinkstation_off.png 18/11/2005 09:43 3 248 drinkstation_on1.png 18/11/2005 09:43 2 965 drinkstation_on2.png 18/11/2005 09:43 14 012 ticketstation.png 18/11/2005 09:43 2 621 ticketstation.xml 11 fichier(s) 50 839 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 700 arrowdown.png 18/11/2005 09:43 699 arrowdownon.png 18/11/2005 09:43 684 arrowleft.png 18/11/2005 09:43 684 arrowlefton.png 18/11/2005 09:43 677 arrowright.png 18/11/2005 09:43 679 arrowrighton.png 18/11/2005 09:43 701 arrowup.png 18/11/2005 09:43 703 arrowupon.png 18/11/2005 09:43 357 p1icon.png 18/11/2005 09:43 3 844 textedit.png 18/11/2005 09:43 2 066 title.png 11 fichier(s) 11 794 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 301 endless_1_1.txt 18/11/2005 09:43 301 endless_1_1_a.txt 18/11/2005 09:43 301 endless_1_1_b.txt 18/11/2005 09:43 301 endless_1_1_c.txt 18/11/2005 09:43 301 endless_1_2.txt 18/11/2005 09:43 301 endless_1_2_a.txt 18/11/2005 09:43 313 endless_1_2_b.txt 18/11/2005 09:43 301 endless_1_2_c.txt 18/11/2005 09:43 301 endless_1_2_d.txt 18/11/2005 09:43 301 endless_1_3.txt 18/11/2005 09:43 301 endless_1_3_a.txt 18/11/2005 09:43 301 endless_1_3_b.txt 18/11/2005 09:43 301 endless_1_3_c.txt 18/11/2005 09:43 301 endless_1_3_d.txt 18/11/2005 09:43 313 fifth_level_diner.txt 18/11/2005 09:43 313 first_level_diner.txt 18/11/2005 09:43 313 fourth_level_diner.txt 18/11/2005 09:43 313 second_level_diner.txt 18 fichier(s) 5 478 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 996 tableshadow.png 14/05/2006 10:56 <REP> diner 1 fichier(s) 2 996 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 23 014 background.jpg 18/11/2005 09:43 443 upgrades.xml 14/05/2006 10:56 <REP> food 14/05/2006 10:56 <REP> frames 14/05/2006 10:56 <REP> tables 2 fichier(s) 23 457 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 3 323 food1.png 18/11/2005 09:43 679 food1.xml 18/11/2005 09:43 3 217 food2.png 18/11/2005 09:43 678 food2.xml 18/11/2005 09:43 3 263 food3.png 18/11/2005 09:43 678 food3.xml 6 fichier(s) 11 838 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 28 970 upgrade_0001.png 1 fichier(s) 28 970 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 142 2top.png 18/11/2005 09:43 1 757 2top.xml 18/11/2005 09:43 1 926 4top.png 18/11/2005 09:43 2 227 4top.xml 4 fichier(s) 8 052 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 947 choosedifficulty.lua 18/11/2005 09:43 3 861 chooseplayer.lua 18/11/2005 09:43 1 497 chooserestaurant.lua 18/11/2005 09:43 8 311 credits.lua 18/11/2005 09:43 3 992 game.lua 18/11/2005 09:43 1 300 gothighscore.lua 18/11/2005 09:43 2 500 help.lua 18/11/2005 09:43 3 381 help2.lua 18/11/2005 09:43 14 475 hiscore.lua 18/11/2005 09:43 702 hiscoreinfo.lua 18/11/2005 09:43 3 784 hiscoresubmit.lua 18/11/2005 09:43 1 582 levelintro.lua 18/11/2005 09:43 3 623 levelover.lua 18/11/2005 09:43 775 loading.lua 18/11/2005 09:43 569 mainloop.lua 18/11/2005 09:43 2 548 mainmenu.lua 18/11/2005 09:43 836 ok.lua 18/11/2005 09:43 2 057 pause.lua 18/11/2005 09:43 1 323 style.lua 18/11/2005 09:43 1 521 tutorialintro.lua 18/11/2005 09:43 2 754 upgrade.lua 18/11/2005 09:43 943 upsell.lua 18/11/2005 09:43 2 202 webcomic.lua 18/11/2005 09:43 1 516 yesno.lua 24 fichier(s) 67 999 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 7 639 gamelabsplash.jpg 18/11/2005 09:43 21 506 playfirst_logo.jpg 2 fichier(s) 29 145 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 3 181 angersmoke.png 18/11/2005 09:43 1 179 angersmoke.xml 18/11/2005 09:43 2 098 chairflags.png 18/11/2005 09:43 1 884 chairflags.xml 18/11/2005 09:43 1 641 check.png 18/11/2005 09:43 335 checkmark.png 18/11/2005 09:43 9 739 clock.png 18/11/2005 09:43 3 021 closed.png 18/11/2005 09:43 5 511 closingtime.png 18/11/2005 09:43 2 511 coinflip.png 18/11/2005 09:43 1 146 coinflip.xml 18/11/2005 09:43 1 182 dollar.png 18/11/2005 09:43 6 341 expert.png 18/11/2005 09:43 3 910 expertscore.png 18/11/2005 09:43 5 463 foodpoof.png 18/11/2005 09:43 640 foodpoof.xml 18/11/2005 09:43 2 676 fork_timer.png 18/11/2005 09:43 2 680 goalcompleted.png 18/11/2005 09:43 2 013 heartgrow.png 18/11/2005 09:43 1 117 heartgrow.xml 18/11/2005 09:43 18 939 jar.png 18/11/2005 09:43 941 jar.xml 18/11/2005 09:43 10 376 level.png 18/11/2005 09:43 4 276 level_career.png 18/11/2005 09:43 8 910 score.png 18/11/2005 09:43 697 sound.png 18/11/2005 09:43 862 staroff.png 18/11/2005 09:43 1 830 staron.png 18/11/2005 09:43 2 187 tablenumber.png 18/11/2005 09:43 2 303 tablenumberup.png 18/11/2005 09:43 419 traynumber.png 18/11/2005 09:43 1 014 tutorialarrow.png 18/11/2005 09:43 1 880 tutorialbox.png 18/11/2005 09:43 6 924 tutorial_character.png 18/11/2005 09:43 11 027 upgradeanim.png 18/11/2005 09:43 1 457 upgradeanim.xml 14/05/2006 10:56 <REP> doodles 14/05/2006 10:56 <REP> upgrades 36 fichier(s) 132 310 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 155 coffee.png 18/11/2005 09:43 3 960 tables.png 18/11/2005 09:43 2 928 wallpaper.png 3 fichier(s) 12 043 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 301 drinks.png 18/11/2005 09:43 4 505 maitred.png 18/11/2005 09:43 3 783 oven.png 18/11/2005 09:43 4 177 select.png 18/11/2005 09:43 2 482 shoes.png 18/11/2005 09:43 4 267 stereo.png 18/11/2005 09:43 3 924 table.png 7 fichier(s) 25 439 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 14/05/2006 10:56 <REP> music 14/05/2006 10:56 <REP> sfx 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\music 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 55 809 mainmenumusic.ogg 1 fichier(s) 55 809 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 299 sfx_bring_check_1_snd.ogg 18/11/2005 09:43 3 602 sfx_deliver_food_1_snd.ogg 18/11/2005 09:43 5 560 sfx_deliver_order_1_snd.ogg 18/11/2005 09:43 9 248 sfx_diner.ogg 18/11/2005 09:43 3 906 sfx_dish_dropoff_1_snd.ogg 18/11/2005 09:43 3 932 sfx_food_ready_1_snd.ogg 18/11/2005 09:43 3 650 sfx_gain_heart_1.ogg 18/11/2005 09:43 14 169 sfx_get_drinks_1_snd.ogg 18/11/2005 09:43 6 727 sfx_party_arrive_1_snd.ogg 18/11/2005 09:43 4 861 sfx_pencil_write_2.ogg 18/11/2005 09:43 4 413 sfx_pickup_food_1_snd.ogg 18/11/2005 09:43 2 868 sfx_rollover_1.ogg 18/11/2005 09:43 4 862 sfx_seat_people_snd.ogg 13 fichier(s) 73 097 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 14/05/2006 10:56 <REP> old_male 14/05/2006 10:56 <REP> young_female 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 13 644 anim.xml 14/05/2006 10:56 <REP> blue 14/05/2006 10:56 <REP> green 14/05/2006 10:56 <REP> purple 14/05/2006 10:56 <REP> red 14/05/2006 10:56 <REP> yellow 1 fichier(s) 13 644 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 880 anim.png 18/11/2005 09:43 1 479 anim.xml 18/11/2005 09:43 678 sit_legs.png 3 fichier(s) 17 037 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 567 anim.png 18/11/2005 09:43 1 481 anim.xml 18/11/2005 09:43 626 sit_legs.png 3 fichier(s) 16 674 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 859 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 640 sit_legs.png 3 fichier(s) 16 982 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 840 anim.png 18/11/2005 09:43 1 477 anim.xml 18/11/2005 09:43 649 sit_legs.png 3 fichier(s) 16 966 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 982 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 786 sit_legs.png 3 fichier(s) 17 251 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 13 571 anim.xml 14/05/2006 10:56 <REP> blue 14/05/2006 10:56 <REP> green 14/05/2006 10:56 <REP> purple 14/05/2006 10:56 <REP> red 14/05/2006 10:56 <REP> yellow 1 fichier(s) 13 571 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 922 anim.png 18/11/2005 09:43 1 485 anim.xml 18/11/2005 09:43 476 sit_legs.png 3 fichier(s) 13 883 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 759 anim.png 18/11/2005 09:43 1 487 anim.xml 18/11/2005 09:43 448 sit_legs.png 3 fichier(s) 13 694 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 875 anim.png 18/11/2005 09:43 1 489 anim.xml 18/11/2005 09:43 475 sit_legs.png 3 fichier(s) 13 839 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 584 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 466 sit_legs.png 3 fichier(s) 13 533 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 12 011 anim.png 18/11/2005 09:43 1 489 anim.xml 18/11/2005 09:43 483 sit_legs.png 3 fichier(s) 13 983 octets Total des fichiers listés : 330 fichier(s) 23 559 412 octets 122 Rép(s) 156 295 135 232 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... HKLM\SYSTEM\CurrentControlSet\Services\winmgmt590b-7eef scanning hidden autostart entries ... scanning hidden files ... C:\WINDOWS\system32\windev-590b-7eef.sys 163840 bytes C:\WINDOWS\system32\windev-peers.ini 32768 bytes scan completed successfully hidden processes: 0 hidden services: 1 hidden files: 2 Liste des programmes installes 105462 Unistall 61478 Unistall 802.11 USB Wireless LAN Adapter Adobe Acrobat Reader 3.01 Adobe Flash Player 9 ActiveX Adobe Reader 6.0.1 Adobe Shockwave Player Adobe Type Manager 4.0 Agere Systems PCI Soft Modem ArcSoft Multimedia Email ATI Display Driver avast! Antivirus Barre d'outils MSN Big Fish Games Toolbar Camera Support Core Library Canon Camera Support Core Library Codeur Windows Media Série 9 Codeur Windows Media Série 9 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB891781 Creative WebCam Center Creative WebCam Vista Plus Driver (1.02.02.0414) eMule eMule0.47a MorphXT 8.1 ENPC PersoTEST EPSON Logiciel imprimante EPSON PhotoQuicker3.5 EPSON TWAIN 5 EPSON Web-To-Page ESC66 Guide de référence ESC66 Guide des logiciels GalleryPlayer Images GamesBar 1.0.0.9 Gestionnaire Internet Google Toolbar for Firefox High Definition Audio Driver Package - KB835221 High Definition Audio Driver Package - KB888111 HijackThis 1.99.1 Installer Yahoo! Messenger J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_05 Jeux Classiques Lecteur Windows Media 11 Les Sims 2 LFP Manager 06 Macromedia Flash Player Messenger Plus! Live Micro Application - Scrapbook Edition Spéciale Microsoft Office XP Professional avec FrontPage Microsoft Publisher 2002 Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Microsoft XML Parser MSN Navigateur Orange NTI Backup NOW! 3 NTI Backup NOW! 3 NTI CD & DVD-Maker NTI CD & DVD-Maker Gold Picasa 2 PowerDVD Print@Fujicolor QuickTime QuickTime Realtek High Definition Audio Driver SAMSUNG CDMA Modem Driver Set SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio Samsung PC Studio Samsung PC Studio 3 USB Driver Installer Samsung Samples Installer Sandlot Games Client Services ScanToWeb SimCity 3000 Tap'Touche 4 tomb TomTom HOME Ulead Photo Express 4.0 My Custom Edition Usb disk Driver Vodafone 804SS USB driver Software Wanadoo Messager WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Yahoo! Toolbar Yahoo! Toolbar avec bloqueur de fenêtres pop-up Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files 22/03/2005 14:15 <REP> . 22/03/2005 14:15 <REP> .. 22/03/2005 14:21 <REP> Adobe 08/12/2005 10:14 <REP> Adobe Type Manager 08/12/2005 10:17 <REP> Alwil Software 24/02/2006 18:10 <REP> ArcSoft 10/03/2006 14:14 <REP> AVSMedia 20/02/2007 17:54 <REP> BFG 20/02/2007 17:56 <REP> bfgtoolbar 18/02/2007 18:40 <REP> Boonty 18/02/2007 18:40 <REP> BoontyGames 25/12/2006 21:23 <REP> Canon 31/01/2007 22:44 <REP> ColiPoste 22/03/2005 14:19 <REP> ComPlus Applications 24/02/2006 18:07 <REP> Creative 22/03/2005 14:31 <REP> CyberLink 23/11/2005 17:55 <REP> EA GAMES 23/11/2005 16:37 <REP> EA SPORTS 23/01/2007 16:09 <REP> eMule 26/01/2007 16:21 6 596 038 emule0.47a.morphxt_8_1_installer.exe 07/02/2006 17:18 <REP> ENPC_PersoTEST1 06/12/2005 14:53 <REP> EPSON 22/03/2005 14:15 <REP> Fichiers communs 24/11/2005 13:33 <REP> Fujifilm 04/05/2006 21:58 <REP> Google 18/01/2007 18:14 <REP> Grisoft 17/01/2007 22:47 <REP> HijackThis 17/02/2007 15:05 <REP> Ihsv 22/03/2005 14:26 <REP> Intel 22/03/2005 14:19 <REP> Internet Explorer 06/03/2006 11:45 <REP> Inventel 28/08/2006 16:30 <REP> iWin 22/03/2005 14:27 <REP> Java 18/03/2006 13:45 <REP> Jeux classiques 27/12/2006 10:22 <REP> Lavasoft 12/07/2006 19:23 <REP> Maxis 22/03/2005 14:18 <REP> Messenger 24/12/2006 10:47 <REP> Messenger Plus! Live 09/01/2006 16:20 <REP> Micro Application 22/03/2005 14:22 <REP> microsoft frontpage 08/12/2005 10:04 <REP> Microsoft Office 08/12/2005 10:05 <REP> Microsoft Visual Studio 22/03/2005 14:19 <REP> Movie Maker 22/03/2005 14:18 <REP> MSN 25/02/2006 22:01 <REP> MSN Apps 07/06/2006 11:50 <REP> MSN Games 22/03/2005 14:18 <REP> MSN Gaming Zone 25/10/2006 22:57 <REP> MSN Messenger 22/03/2005 14:19 <REP> NetMeeting 22/03/2005 14:33 <REP> NewTech Infosystems 22/03/2005 14:19 <REP> Online Services 22/07/2006 15:17 <REP> orange 22/03/2005 14:19 <REP> Outlook Express 08/12/2005 10:13 <REP> PhotoDeluxe EE 1.0 23/01/2007 21:22 <REP> Picasa2 10/03/2006 11:54 <REP> QuickTime 27/06/2006 19:32 <REP> Real 22/03/2005 14:26 <REP> Realtek 27/06/2006 19:32 774 144 RngInterstitial.dll 01/02/2007 16:30 <REP> Samsung 28/07/2006 15:07 <REP> Securitoo 22/03/2005 14:20 <REP> Services en ligne 17/01/2007 19:05 <REP> Spyware Doctor 22/03/2005 14:28 <REP> Symantec 31/08/2006 21:14 <REP> Tap'Touche 4 25/03/2007 11:01 <REP> TomTom HOME 24/02/2006 18:09 <REP> Ulead Systems 05/11/2006 21:39 <REP> Virtools Web Player 3.5 06/07/2006 18:58 <REP> Wanadoo 06/07/2006 18:58 <REP> Wanadoo Messager 03/01/2007 12:01 <REP> Windows Media Components 22/03/2005 14:19 <REP> Windows Media Player 22/03/2005 14:18 <REP> Windows NT 17/01/2007 18:31 <REP> Winsos 22/03/2005 14:22 <REP> xerox 29/03/2006 23:26 <REP> Yahoo! 06/12/2006 20:58 <REP> Zylom Games 2 fichier(s) 7 370 182 octets 75 Rép(s) 156 295 004 160 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files\fichiers communs 22/03/2005 14:15 <REP> . 22/03/2005 14:15 <REP> .. 22/03/2005 14:15 <REP> Microsoft Shared 22/03/2005 14:15 <REP> SpeechEngines 22/03/2005 14:15 <REP> ODBC 22/03/2005 14:19 <REP> System 22/03/2005 14:19 <REP> MSSoap 22/03/2005 14:19 <REP> Services 22/03/2005 14:25 <REP> InstallShield 22/03/2005 14:27 <REP> Java 22/03/2005 14:29 <REP> Symantec Shared 04/12/2005 11:12 <REP> Adobe 08/12/2005 10:05 <REP> Designer 09/01/2006 16:20 <REP> Micro Application Shared 31/07/2006 14:00 278 528 FDEUnInstaller.exe 10/03/2006 14:14 <REP> AVSMedia 18/03/2006 13:45 <REP> Wise Installation Wizard 30/03/2006 21:22 <REP> Sandlot Shared 27/06/2006 19:32 <REP> Real 03/01/2007 11:40 <REP> MAGIX Shared 18/02/2007 18:41 <REP> BOONTY Shared 1 fichier(s) 278 528 octets 20 Rép(s) 156 295 004 160 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 22/03/2005 14:25 <REP> . 22/03/2005 14:25 <REP> .. 07/03/2001 07:00 127 033 MSOWS40c.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 13/02/2001 08:23 58 784 MSOSV.DLL 08/12/2005 10:05 <REP> 1036 08/12/2005 10:05 <REP> 1033 15/02/2001 05:45 1 318 912 MSONSEXT.DLL 22/01/2001 03:25 86 016 PKMWS.DLL 22/01/2001 03:25 24 576 PKMTRACE.DLL 06/08/2000 09:04 401 462 MSVCP60.DLL 22/01/2001 03:25 69 632 PKMAXCTL.DLL 22/01/2001 03:25 872 448 PKMCDO.DLL 22/01/2001 03:25 159 744 PKMCORE.DLL 07/02/2001 09:59 106 496 PKMFORMS.DLL 12/02/2001 04:03 684 032 PKMRES.DLL 22/01/2001 03:25 28 672 PKMSSTLB.DLL 22/01/2001 03:25 40 960 PKMTEMPL.DLL 22/01/2001 03:25 237 568 PROMDEMO.DLL 22/01/2001 03:25 184 320 SECMGR.DLL 22/01/2001 03:25 323 584 VAIDDMGR.DLL 22/01/2001 03:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 156 295 004 160 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\ 18/01/2007 23:19 126 976 zip.exe 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 24/05/2001 12:59 162 304 UNWISE.EXE 11/04/2007 11:52 9 358 xx1232255.exe 5 fichier(s) 470 158 octets 0 Rép(s) 156 295 004 160 octets libres c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\Setup.exe c:\Documents and Settings\marion\Local Settings\Temp\Install_Messenger.exe c:\Documents and Settings\marion\Local Settings\Temp\Répertoire temporaire 1 pour killbox.zip\KillBox.exe c:\Documents and Settings\marion\Mes documents\msgpluslive-411.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\fixwareout.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\sdfix.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\dumphive.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\HostsChk.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\Process.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\Reboot.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\restart.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swreg.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swsc.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swxcacls.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\unzip.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\clean\clean\pskill.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\killbox\KillBox.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\catchme.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\diff.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\dumphive.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\Fport.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\grep.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\LFiles.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\pslist.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\streams.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\swreg.exe c:\Documents and Settings\marion\Mes documents\marion\install_messenger.exe c:\Documents and Settings\marion\Mes documents\marion\wmencoder.exe c:\Documents and Settings\marion\Bureau\emule0.47c-installer.exe c:\Documents and Settings\marion\Bureau\picasaweb-current-setup.exe c:\Documents and Settings\marion\Application Data\MSNInstaller\msnauins.exe c:\Documents and Settings\marion\Application Data\WholeSecurity\CAT\WSUIEE.exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\OPW9P26M\zaasSetup_65_737_000_fr[1].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\zgame4[1].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\zgame4[2].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\ztool4[1].exe c:\Documents and Settings\guillaume\Mes documents\louvetain\rustbfix.exe c:\Documents and Settings\guillaume\Mes documents\louvetain\SDFix.exe c:\Documents and Settings\guillaume\Mes documents\louvetain\zaasSetup_65_737_000_fr.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\ATR1.EXE c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\DH2005.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\DH2005Patch1_2.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\TrophyViewer.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\unins000.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\uninspro.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\WebLauncher.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\instmsia.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\instmsiw.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\setup.exe c:\Documents and Settings\guillaume\Bureau\clean\pskill.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\dumphive.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\Process.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\Reboot.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\restart.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swreg.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swsc.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swxcacls.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\unzip.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\MyZylomExtension\MyZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomExtension\ZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\delicious.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Babel\fr-FR\babel.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Babel\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\_Setup.dll c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\_Setupx.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\marion\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVIP}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{0000278T-TT9K-T8DU-1KFV-23O5NTEJMVU6}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VVA}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VU0}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-83VE-238SHC0H2VVH}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG3-USK1-22JKKIT3EVV2}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-IB2C-219EDFQMGVVA}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{002AVPFP-JHLQ-ABE3-SM6K-20DE4GEHCVVJ}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVKO}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG5-V0BI-21QH2RV14VVR}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG6-LH31-23G9CBQV6VUC}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG2-LS5J-229F8D9V0VVC}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG2-FTST-22EV6QAI2VV1}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG7-9568-243JELPN2VVD}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll et le rapport killbox: Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:36 PM Killbox Closed(Exit) @ 6:37:01 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:37 PM Killbox Closed(Exit) @ 6:37:31 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:37 PM # 1 [Delete on Reboot] Path = C:\WINDOWS\System32\vexga4m1et4.exe I Rebooted @ 6:39:52 PM Killbox Closed(Exit) @ 6:39:54 PM __________________________________________________ Pocket Killbox version 2.0.0.648 Running on Windows XP as marion(Administrator) was started @ mardi, avril 17, 2007, 6:42 PM
-
voici le rapport: C:\WINDOWS\System32\tmp.txt -->17/04/2007 15:24:40 C:\WINDOWS\System32\tmp.reg -->17/04/2007 15:24:40 C:\WINDOWS\System32\vexga4m1et4.exe -->17/04/2007 14:27:12 C:\WINDOWS\System32\vexg3am1et3.exe -->17/04/2007 14:27:10 C:\WINDOWS\System32\vexg4am1et2.exe -->17/04/2007 14:27:10 C:\WINDOWS\System32\vexg6ame4.exe -->17/04/2007 13:02:44 C:\WINDOWS\System32\cent.exe -->17/04/2007 08:29:28 C:\WINDOWS\System32\wpa.dbl -->17/04/2007 08:11:12 C:\WINDOWS\System32\FNTCACHE.DAT -->02/04/2007 19:07:54 C:\WINDOWS\System32\AdobeFnt.lst -->27/03/2007 14:46:16 C:\WINDOWS\System32\cszgj.exe -->12/03/2007 09:05:36 C:\WINDOWS\System32\PCANDIS5.sys -->23/01/2007 15:25:50 C:\WINDOWS\System32\W32N50.dll -->23/01/2007 15:25:50 C:\WINDOWS\System32\tmp9AF84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpB7F84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpC4F84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpD1F84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\tmpEEE84.FOT -->22/01/2007 21:50:36 C:\WINDOWS\System32\zllictbl.dat -->21/01/2007 22:43:48 C:\WINDOWS\System32\ikhcore.log -->17/01/2007 20:48:06 C:\WINDOWS\System32\CONFIG.NT -->17/01/2007 17:36:22 C:\WINDOWS\System32\dip.exe -->17/01/2007 15:34:36 C:\WINDOWS\System32\aswBoot.exe -->15/01/2007 18:32:08 C:\WINDOWS\System32\AVASTSS.scr -->15/01/2007 18:23:20 C:\WINDOWS\System32\LegitCheckControl.DLL -->12/12/2006 10:45:04 C:\WINDOWS\WindowsUpdate.log -->17/04/2007 16:18:00 C:\WINDOWS.log -->17/04/2007 16:06:48 C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt -->17/04/2007 16:06:10 C:\WINDOWS\wiadebug.log -->17/04/2007 16:06:04 C:\WINDOWS\bootstat.dat -->17/04/2007 16:05:48 C:\WINDOWS\setupact.log -->17/04/2007 15:26:10 C:\WINDOWS\ntbtlog.txt -->17/04/2007 15:23:30 C:\WINDOWS\SchedLgU.Txt -->17/04/2007 15:22:18 C:\WINDOWS\wiaservc.log -->17/04/2007 15:22:18 C:\WINDOWS\updater.exe.bin -->17/04/2007 08:11:56 C:\WINDOWS\wmsetup.log -->11/04/2007 12:06:52 C:\WINDOWS\updater.exe.tmp -->11/04/2007 11:55:10 C:\WINDOWS\NAVIGMA.INI -->05/04/2007 21:24:34 C:\WINDOWS\EPISMF00.SWB -->02/04/2007 19:40:14 C:\WINDOWS\setupapi.log -->02/04/2007 18:25:06 C:\WINDOWS\twunk_16.exe |01/01/1980 00:00:00 C:\WINDOWS\twunk_32.exe |01/01/1980 00:00:00 C:\WINDOWS\SETR.EXE |01/01/1980 00:00:00 C:\WINDOWS\AMOVE.EXE |01/01/1980 00:00:00 C:\WINDOWS\ALAUNCH.EXE |01/01/1980 00:00:00 C:\WINDOWS\EHIB.EXE |01/01/1980 00:00:00 C:\WINDOWS\GalleryPlayer Images Uninstaller.exe |03/10/2005 19:40:02 C:\WINDOWS\gmer.exe |21/01/2007 21:34:21 C:\WINDOWS\uninst.exe |06/01/2007 14:48:06 C:\WINDOWS\IsUninst.exe |06/01/2007 14:52:23 C:\WINDOWS\unvise32.exe |25/03/2007 11:01:47 C:\WINDOWS\AGRSMMSG.exe |01/01/1980 00:00:00 C:\WINDOWS\agrsmdel.exe |01/01/1980 00:00:00 C:\WINDOWS\SoundMan.exe |22/03/2005 14:26:50 C:\WINDOWS\RTHDCPL.EXE |22/03/2005 14:26:50 C:\WINDOWS\RTLCPL.EXE |22/03/2005 14:26:49 C:\WINDOWS\ALCWZRD.EXE |22/03/2005 14:26:50 C:\WINDOWS\unin040c.exe |08/12/2005 10:12:00 C:\WINDOWS\CtDrvIns.exe |24/02/2006 18:11:52 C:\WINDOWS\V0090Cfg.exe |24/02/2006 18:11:52 C:\WINDOWS\Ctregrun.exe |24/02/2006 18:12:30 C:\WINDOWS\IsUn040c.exe |11/02/2006 14:28:33 C:\WINDOWS\twain.dll |01/01/1980 00:00:00 C:\WINDOWS\twain_32.dll |01/01/1980 00:00:00 C:\WINDOWS\sysgtime.dll |07/01/2000 01:00:00 C:\WINDOWS\gmer.dll |21/01/2007 21:34:21 C:\WINDOWS\RtlExUpd.dll |03/04/2005 02:24:24 C:\WINDOWS\kpapi32.dll |08/12/2005 10:13:17 C:\WINDOWS\kpcp32.dll |08/12/2005 10:13:17 C:\WINDOWS\kpsys32.dll |08/12/2005 10:13:17 C:\WINDOWS\Sprof32.dll |08/12/2005 10:13:17 C:\WINDOWS\pcdlib32.dll |08/12/2005 10:13:17 C:\WINDOWS\system32\append.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\debug.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 17:47:34 C:\WINDOWS\system32\edlin.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\exe2bin.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\fastopen.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mem.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mscdexnt.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\nlsfunc.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\setver.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\share.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\java.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\dosx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\redir.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\FTRTSVC.exe |23/01/2007 16:01:55 C:\WINDOWS\system32\javaw.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\aswBoot.exe |08/12/2005 10:17:54 C:\WINDOWS\system32\javaws.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\ASPTV.EXE |01/01/1980 00:00:00 C:\WINDOWS\system32\ASPFM.EXE |01/01/1980 00:00:00 C:\WINDOWS\system32\swreg.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\swsc.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\dumphive.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\swxcacls.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\pxhpinst.exe |23/01/2007 21:22:34 C:\WINDOWS\system32\fslfd.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\yenjm.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\dip.exe |17/01/2007 15:34:34 C:\WINDOWS\system32\aoiqd.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\arlnl.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ilpjc.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\cesoa.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\bydyf.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\cszgj.exe |21/03/2007 18:02:43 C:\WINDOWS\system32\vixwj.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\uhewj.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\smyun.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\vdbne.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\cspqa.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mrkyl.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\phvqm.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\jcfaz.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\zfqis.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\cent.exe |17/04/2007 08:29:25 C:\WINDOWS\system32\Hdaudpropshortcut.exe |17/03/2004 15:10:40 C:\WINDOWS\system32\Process.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\SrchSTS.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\creLink.exe |22/03/2005 14:34:45 C:\WINDOWS\system32\CreMan.exe |22/03/2005 14:35:01 C:\WINDOWS\system32\Ati2mdxx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2evxx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ChCfg.exe |03/04/2005 02:24:28 C:\WINDOWS\system32\HdAShCut.exe |07/01/2005 17:07:16 C:\WINDOWS\system32\MaggiUninstall60.exe |06/01/2007 14:48:19 C:\WINDOWS\system32\TVIcon.exe |23/11/2005 16:22:42 C:\WINDOWS\system32\vexg4am1et2.exe |11/04/2007 11:53:42 C:\WINDOWS\system32\vexg3am1et3.exe |17/04/2007 08:29:36 C:\WINDOWS\system32\vexga4m1et4.exe |17/04/2007 09:45:59 C:\WINDOWS\system32\vexg6ame4.exe |17/04/2007 09:46:00 C:\WINDOWS\system32\V0090Srv.exe |24/02/2006 18:11:52 C:\WINDOWS\system32\unwlsdrv.exe |06/01/2005 15:04:00 C:\WINDOWS\system32\ir32_32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgaw400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgdw400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgmd400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgpl400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgsd400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgsh400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 17:47:06 C:\WINDOWS\system32\msencode.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbrccsp.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\spnike.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\tsd32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\win87em.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\paqsp.dll |23/08/2001 17:47:16 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\amstream.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atmfd.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atmlib.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\compatUI.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\encdec.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\iccvid.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ieencode.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\msdmo.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\qedwipes.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\sbe.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbcsp.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbiop.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir41_qc.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir41_qcx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_qc.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_qcx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ltkrn13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\EqnClass.Dll |22/03/2005 14:15:29 C:\WINDOWS\system32\spxcoins.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\dgsetup.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\dgrpsetu.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\ltfil13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltdis13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltimg13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfbmp13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfcmp13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltefx13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfgif13n.dll |22/08/2006 17:54:52 C:\WINDOWS\system32\lame_enc.dll |11/04/2000 20:44:56 C:\WINDOWS\system32\epcomdd.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\ESDTR.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\ESICM.dll |29/11/2006 16:27:35 C:\WINDOWS\system32\esccm.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\esccmd.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\esccmn.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimg.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimgd.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimgn.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwiab.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwiad.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwian.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\px.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\pxmas.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\pxwave.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\vxblock.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\pxdrv.dll |23/01/2007 21:22:34 C:\WINDOWS\system32\mgxoschk.dll |03/01/2007 11:39:29 C:\WINDOWS\system32\INETWH32.dll |03/01/2007 11:39:50 C:\WINDOWS\system32\ROBOEX32.DLL |24/02/2006 18:09:53 C:\WINDOWS\system32\SHW32.DLL |27/03/2007 21:38:32 C:\WINDOWS\system32\hticons.dll |22/03/2005 14:18:52 C:\WINDOWS\system32\Hdaudprop.dll |17/03/2004 15:10:40 C:\WINDOWS\system32\isrdbg32.dll |22/03/2005 14:19:50 C:\WINDOWS\system32\Hdaudpropres.dll |18/03/2004 17:18:08 C:\WINDOWS\system32\NTICDMK32.dll |22/03/2005 14:33:49 C:\WINDOWS\system32\NTIMPEG2.dll |22/03/2005 14:33:49 C:\WINDOWS\system32\multiplex_vcd.dll |26/12/2001 16:12:30 C:\WINDOWS\system32\Hmpg12.dll |03/09/2001 23:46:38 C:\WINDOWS\system32\HMPV2_ENC.dll |30/07/2001 16:33:56 C:\WINDOWS\system32\HMPV2_ENC_MMX.dll |23/07/2001 22:04:36 C:\WINDOWS\system32\vboxs430.dll |12/09/2000 20:24:29 C:\WINDOWS\system32\ntiembed.dll |22/03/2005 14:34:20 C:\WINDOWS\system32\ati2dvag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2cqag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati3duag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ativvaxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ATIDDC.DLL |01/01/1980 00:00:00 C:\WINDOWS\system32\atitvo32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ativcoxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2evxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atipdlxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\Oemdspif.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2edxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ATIDEMGR.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atioglxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atiiiexx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\Esint23.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\Esintpl.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\Epfb5cpl.dll |29/11/2006 16:27:36 C:\WINDOWS\system32\HdAProp.dll |07/01/2005 17:07:16 C:\WINDOWS\system32\HdAudRes.dll |07/01/2005 17:07:04 C:\WINDOWS\system32\HtmlWH.dll |03/01/2007 11:39:49 C:\WINDOWS\system32\IfHelper.dll |23/01/2007 16:01:55 C:\WINDOWS\system32\RtlCPAPI.dll |22/03/2005 14:26:49 C:\WINDOWS\system32\vp6vfw.dll |23/11/2005 17:55:34 C:\WINDOWS\system32\fun_avcodec.dll |01/02/2007 16:30:54 C:\WINDOWS\system32\EBPMON24.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\ECBTEG.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\EBPCHP.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\E_DCINST.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\Epcmlib.dll |06/12/2005 14:54:51 C:\WINDOWS\system32\PCDLIB32.DLL |09/12/1998 02:53:58 C:\WINDOWS\system32\cppenv25.dll |08/12/2005 10:13:15 C:\WINDOWS\system32\EZIMG25.dll |08/12/2005 10:13:16 C:\WINDOWS\system32\WINSIZE.DLL |08/12/2005 10:13:16 C:\WINDOWS\system32\Snap32n.dll |08/12/2005 10:13:17 C:\WINDOWS\system32\MSVCRT10.DLL |08/12/2005 10:13:17 C:\WINDOWS\system32\ATMDRVR.DLL |08/12/2005 10:14:25 C:\WINDOWS\system32\fun_mp4_dec.dll |01/02/2007 16:30:55 C:\WINDOWS\system32\fun_mp4_enc.dll |01/02/2007 16:30:55 C:\WINDOWS\system32\WooDial2000.dll |24/02/2006 17:42:20 C:\WINDOWS\system32\rnaph.dll |24/02/2006 17:42:13 C:\WINDOWS\system32\CtCamMgr.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\CtRegApp.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Hwx.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Pin.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Sti.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Vfw.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\hypertrm.dll |22/03/2005 14:18:48 C:\WINDOWS\system32\W32N50.dll |06/03/2006 11:22:41 C:\WINDOWS\system32\ffJmpWeb.dll |06/03/2006 11:38:09 C:\WINDOWS\system32\mcdvd_32.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\divx.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\xvidcore.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\xvidvfw.dll |10/03/2006 14:14:45 Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\system 23/08/2001 05:00 9 728 regsvr32.exe 1 fichier(s) 9 728 octets 0 Rép(s) 156 227 141 632 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\system32 05/08/2004 05:00 6 144 csrss.exe 12/03/2007 09:05 52 759 cszgj.exe 05/08/2004 05:00 34 827 cspqa.exe 3 fichier(s) 93 730 octets 0 Rép(s) 156 227 141 632 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\Downloaded Program Files 22/03/2005 14:20 <REP> . 22/03/2005 14:20 <REP> .. 22/03/2005 14:20 65 desktop.ini 10/11/2005 14:05 876 jinstall-1_5_0_06.inf 14/05/2006 10:56 <REP> DinerDash.1.0.0.58 03/06/2002 17:53 144 QTPlugin.inf 19/06/2002 14:11 117 088 PURen-us.dll 15/10/2004 07:59 110 592 PURfr-xx.dll 25/06/2006 12:50 1 793 erma.inf 26/05/2005 04:19 293 muweb.inf 20/06/2006 15:44 379 704 MsnPUpld.dll 19/06/2006 14:40 393 MsnPUpld.inf 20/12/2006 01:00 124 584 naveng32.dll 20/12/2006 01:00 882 344 navex32a.dll 20/12/2006 01:00 2 504 catalog.dat 20/12/2006 01:00 272 040 ecmsvr32.dll 20/12/2006 01:00 6 899 ecbootil.vxd 20/12/2006 01:00 32 virscant.dat 20/12/2006 01:00 974 242 virscan1.dat 20/12/2006 01:00 569 910 virscan2.dat 20/12/2006 01:00 147 296 virscan3.dat 20/12/2006 01:00 320 186 virscan4.dat 20/12/2006 01:00 3 086 703 virscan5.dat 20/12/2006 01:00 390 030 virscan6.dat 20/12/2006 01:00 5 396 298 virscan7.dat 20/12/2006 01:00 1 650 979 virscan8.dat 20/12/2006 01:00 3 940 959 virscan9.dat 20/12/2006 01:00 224 zdone.dat 20/12/2006 01:00 106 244 virscan.inf 20/12/2006 01:00 97 696 scrauth.dat 20/12/2006 01:00 453 tinf.dat 20/12/2006 01:00 148 tinfidx.dat 20/12/2006 01:00 1 957 tinfl.dat 20/12/2006 01:00 64 048 tscan1.dat 20/12/2006 01:00 3 072 tscan1hd.dat 20/12/2006 01:00 1 061 symaveng.inf 20/12/2006 01:00 9 237 symaveng.cat 20/12/2006 01:00 187 543 tcdefs.dat 20/12/2006 01:00 1 172 076 tcscan7.dat 20/12/2006 01:00 323 242 tcscan8.dat 20/12/2006 01:00 728 804 tcscan9.dat 20/12/2006 01:00 4 778 v.grd 20/12/2006 01:00 2 261 v.sig 28/12/2006 17:58 2 072 vscanmsx.dat 09/11/2006 14:36 5 019 swflash.inf 11/12/2006 16:44 367 LegitCheckControl.inf 09/01/2007 08:30 110 592 PURfr-fr.dll 44 fichier(s) 21 196 848 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:46 995 328 dinerdash.exe 14/05/2006 10:56 <REP> assets 1 fichier(s) 995 328 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 460 playfirst_logo.png 18/11/2005 09:43 11 803 strings.xml 14/05/2006 10:56 <REP> accessories 14/05/2006 10:56 <REP> backgrounds 14/05/2006 10:56 <REP> buttons 14/05/2006 10:56 <REP> comics 14/05/2006 10:56 <REP> config 14/05/2006 10:56 <REP> cook 14/05/2006 10:56 <REP> cursor 14/05/2006 10:56 <REP> flo 14/05/2006 10:56 <REP> fonts 14/05/2006 10:56 <REP> furniture 14/05/2006 10:56 <REP> hiscore 14/05/2006 10:56 <REP> layouts 14/05/2006 10:56 <REP> restaurants 14/05/2006 10:56 <REP> scripts 14/05/2006 10:56 <REP> splash 14/05/2006 10:56 <REP> ui 14/05/2006 10:56 <REP> audio 14/05/2006 10:56 <REP> customers 2 fichier(s) 17 263 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 568 cup.png 18/11/2005 09:43 619 customer_cup.png 18/11/2005 09:43 239 heart.png 18/11/2005 09:43 927 menu_down.png 18/11/2005 09:43 1 244 menu_up.png 18/11/2005 09:43 850 plates.png 18/11/2005 09:43 741 ticket.png 18/11/2005 09:43 1 639 tray.png 8 fichier(s) 6 827 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 319 choosedifficulty.png 18/11/2005 09:43 12 316 credits.jpg 18/11/2005 09:43 12 927 flo_lose.png 18/11/2005 09:43 13 807 flo_win.png 18/11/2005 09:43 16 725 help1.jpg 18/11/2005 09:43 18 595 help2.jpg 18/11/2005 09:43 14 327 highscores.jpg 18/11/2005 09:43 14 586 levelintro.jpg 18/11/2005 09:43 2 967 levelintro_mask.png 18/11/2005 09:43 14 582 levelover.jpg 18/11/2005 09:43 3 383 levelover_mask.png 18/11/2005 09:43 43 278 mainmenu.jpg 18/11/2005 09:43 7 362 popup.jpg 18/11/2005 09:43 1 899 popup_mask.png 18/11/2005 09:43 6 010 upgradegrid.png 18/11/2005 09:43 3 218 upgradetitle.png 18/11/2005 09:43 39 050 upsell.jpg 17 fichier(s) 226 351 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 825 arrowleft_blue.png 18/11/2005 09:43 995 arrowleft_yellow.png 18/11/2005 09:43 827 arrowright_blue.png 18/11/2005 09:43 991 arrowright_yellow.png 18/11/2005 09:43 2 326 backchalk.png 18/11/2005 09:43 2 960 backchalkup.png 18/11/2005 09:43 1 420 backtomenu_blue.png 18/11/2005 09:43 1 393 backtomenu_yellow.png 18/11/2005 09:43 1 795 back_blue.png 18/11/2005 09:43 1 761 back_yellow.png 18/11/2005 09:43 2 403 cancel.png 18/11/2005 09:43 2 368 cancelup.png 18/11/2005 09:43 2 722 career.png 18/11/2005 09:43 2 714 career_over.png 18/11/2005 09:43 2 156 close.png 18/11/2005 09:43 2 223 closeup.png 18/11/2005 09:43 3 346 continue.png 18/11/2005 09:43 3 208 continueover.png 18/11/2005 09:43 1 378 credits_blue.png 18/11/2005 09:43 1 365 credits_yellow.png 18/11/2005 09:43 2 073 download_blue.png 18/11/2005 09:43 2 081 download_yellow.png 18/11/2005 09:43 2 530 easy.png 18/11/2005 09:43 1 695 easy_over.png 18/11/2005 09:43 2 882 endlessshift.png 18/11/2005 09:43 2 886 endlessshift_over.png 18/11/2005 09:43 2 525 hard.png 18/11/2005 09:43 1 780 hard_over.png 18/11/2005 09:43 1 397 help.png 18/11/2005 09:43 1 395 help_over.png 18/11/2005 09:43 2 871 highscores.png 18/11/2005 09:43 2 871 highscores_over.png 18/11/2005 09:43 1 492 instructions_blue.png 18/11/2005 09:43 1 487 instructions_yellow.png 18/11/2005 09:43 1 491 letsplay.png 18/11/2005 09:43 1 491 letsplayover.png 18/11/2005 09:43 2 934 medium.png 18/11/2005 09:43 1 972 medium_over.png 18/11/2005 09:43 2 909 moreinfo.png 18/11/2005 09:43 2 903 moreinfoup.png 18/11/2005 09:43 580 off.png 18/11/2005 09:43 580 off_on.png 18/11/2005 09:43 505 on.png 18/11/2005 09:43 504 on_on.png 18/11/2005 09:43 827 pause.png 18/11/2005 09:43 843 pauseover.png 18/11/2005 09:43 2 835 quit.png 18/11/2005 09:43 3 776 quitgame.png 18/11/2005 09:43 3 122 quitgameover.png 18/11/2005 09:43 2 866 quitover.png 18/11/2005 09:43 3 762 resumegame.png 18/11/2005 09:43 3 196 resumegameover.png 18/11/2005 09:43 2 812 submit.png 18/11/2005 09:43 2 737 submitup.png 18/11/2005 09:43 3 175 tryagain.png 18/11/2005 09:43 3 244 tryagainover.png 18/11/2005 09:43 4 392 upgrade_over.png 18/11/2005 09:43 4 429 upgrade_up.png 18/11/2005 09:43 4 235 viewglobal.png 18/11/2005 09:43 4 219 viewglobalup.png 18/11/2005 09:43 3 710 viewhighscore.png 18/11/2005 09:43 3 250 viewhighscoreon.png 18/11/2005 09:43 4 189 viewlocal.png 18/11/2005 09:43 4 173 viewlocalup.png 64 fichier(s) 150 802 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\comics 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 31 920 webcomic.jpg 1 fichier(s) 31 920 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 33 657 career.xml 18/11/2005 09:43 11 169 customer.xml 18/11/2005 09:43 17 741 endless.xml 18/11/2005 09:43 621 global.xml 18/11/2005 09:43 3 137 powerups.xml 5 fichier(s) 66 325 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 6 690 cook.png 18/11/2005 09:43 3 091 cook.xml 18/11/2005 09:43 228 stove.png 3 fichier(s) 10 009 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 773 arrow.png 18/11/2005 09:43 2 028 click.png 18/11/2005 09:43 1 926 click2.png 18/11/2005 09:43 1 726 grab.png 18/11/2005 09:43 2 274 open.png 5 fichier(s) 9 727 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 21 613 idle.png 18/11/2005 09:43 2 752 idle.xml 18/11/2005 09:43 6 943 lower.png 18/11/2005 09:43 2 177 lower.xml 18/11/2005 09:43 16 974 upper.png 18/11/2005 09:43 6 892 upper.xml 6 fichier(s) 57 351 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 36 107 arial.mvec 18/11/2005 09:43 34 231 komikaaxis.mvec 2 fichier(s) 70 338 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 529 chair.png 18/11/2005 09:43 2 914 chair.xml 18/11/2005 09:43 1 512 dirt2top.png 18/11/2005 09:43 1 762 dirt4top.png 18/11/2005 09:43 11 831 dishcart.png 18/11/2005 09:43 1 455 dishcart.xml 18/11/2005 09:43 2 990 drinkstation_off.png 18/11/2005 09:43 3 248 drinkstation_on1.png 18/11/2005 09:43 2 965 drinkstation_on2.png 18/11/2005 09:43 14 012 ticketstation.png 18/11/2005 09:43 2 621 ticketstation.xml 11 fichier(s) 50 839 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 700 arrowdown.png 18/11/2005 09:43 699 arrowdownon.png 18/11/2005 09:43 684 arrowleft.png 18/11/2005 09:43 684 arrowlefton.png 18/11/2005 09:43 677 arrowright.png 18/11/2005 09:43 679 arrowrighton.png 18/11/2005 09:43 701 arrowup.png 18/11/2005 09:43 703 arrowupon.png 18/11/2005 09:43 357 p1icon.png 18/11/2005 09:43 3 844 textedit.png 18/11/2005 09:43 2 066 title.png 11 fichier(s) 11 794 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 301 endless_1_1.txt 18/11/2005 09:43 301 endless_1_1_a.txt 18/11/2005 09:43 301 endless_1_1_b.txt 18/11/2005 09:43 301 endless_1_1_c.txt 18/11/2005 09:43 301 endless_1_2.txt 18/11/2005 09:43 301 endless_1_2_a.txt 18/11/2005 09:43 313 endless_1_2_b.txt 18/11/2005 09:43 301 endless_1_2_c.txt 18/11/2005 09:43 301 endless_1_2_d.txt 18/11/2005 09:43 301 endless_1_3.txt 18/11/2005 09:43 301 endless_1_3_a.txt 18/11/2005 09:43 301 endless_1_3_b.txt 18/11/2005 09:43 301 endless_1_3_c.txt 18/11/2005 09:43 301 endless_1_3_d.txt 18/11/2005 09:43 313 fifth_level_diner.txt 18/11/2005 09:43 313 first_level_diner.txt 18/11/2005 09:43 313 fourth_level_diner.txt 18/11/2005 09:43 313 second_level_diner.txt 18 fichier(s) 5 478 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 996 tableshadow.png 14/05/2006 10:56 <REP> diner 1 fichier(s) 2 996 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 23 014 background.jpg 18/11/2005 09:43 443 upgrades.xml 14/05/2006 10:56 <REP> food 14/05/2006 10:56 <REP> frames 14/05/2006 10:56 <REP> tables 2 fichier(s) 23 457 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 3 323 food1.png 18/11/2005 09:43 679 food1.xml 18/11/2005 09:43 3 217 food2.png 18/11/2005 09:43 678 food2.xml 18/11/2005 09:43 3 263 food3.png 18/11/2005 09:43 678 food3.xml 6 fichier(s) 11 838 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 28 970 upgrade_0001.png 1 fichier(s) 28 970 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 142 2top.png 18/11/2005 09:43 1 757 2top.xml 18/11/2005 09:43 1 926 4top.png 18/11/2005 09:43 2 227 4top.xml 4 fichier(s) 8 052 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 947 choosedifficulty.lua 18/11/2005 09:43 3 861 chooseplayer.lua 18/11/2005 09:43 1 497 chooserestaurant.lua 18/11/2005 09:43 8 311 credits.lua 18/11/2005 09:43 3 992 game.lua 18/11/2005 09:43 1 300 gothighscore.lua 18/11/2005 09:43 2 500 help.lua 18/11/2005 09:43 3 381 help2.lua 18/11/2005 09:43 14 475 hiscore.lua 18/11/2005 09:43 702 hiscoreinfo.lua 18/11/2005 09:43 3 784 hiscoresubmit.lua 18/11/2005 09:43 1 582 levelintro.lua 18/11/2005 09:43 3 623 levelover.lua 18/11/2005 09:43 775 loading.lua 18/11/2005 09:43 569 mainloop.lua 18/11/2005 09:43 2 548 mainmenu.lua 18/11/2005 09:43 836 ok.lua 18/11/2005 09:43 2 057 pause.lua 18/11/2005 09:43 1 323 style.lua 18/11/2005 09:43 1 521 tutorialintro.lua 18/11/2005 09:43 2 754 upgrade.lua 18/11/2005 09:43 943 upsell.lua 18/11/2005 09:43 2 202 webcomic.lua 18/11/2005 09:43 1 516 yesno.lua 24 fichier(s) 67 999 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 7 639 gamelabsplash.jpg 18/11/2005 09:43 21 506 playfirst_logo.jpg 2 fichier(s) 29 145 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 3 181 angersmoke.png 18/11/2005 09:43 1 179 angersmoke.xml 18/11/2005 09:43 2 098 chairflags.png 18/11/2005 09:43 1 884 chairflags.xml 18/11/2005 09:43 1 641 check.png 18/11/2005 09:43 335 checkmark.png 18/11/2005 09:43 9 739 clock.png 18/11/2005 09:43 3 021 closed.png 18/11/2005 09:43 5 511 closingtime.png 18/11/2005 09:43 2 511 coinflip.png 18/11/2005 09:43 1 146 coinflip.xml 18/11/2005 09:43 1 182 dollar.png 18/11/2005 09:43 6 341 expert.png 18/11/2005 09:43 3 910 expertscore.png 18/11/2005 09:43 5 463 foodpoof.png 18/11/2005 09:43 640 foodpoof.xml 18/11/2005 09:43 2 676 fork_timer.png 18/11/2005 09:43 2 680 goalcompleted.png 18/11/2005 09:43 2 013 heartgrow.png 18/11/2005 09:43 1 117 heartgrow.xml 18/11/2005 09:43 18 939 jar.png 18/11/2005 09:43 941 jar.xml 18/11/2005 09:43 10 376 level.png 18/11/2005 09:43 4 276 level_career.png 18/11/2005 09:43 8 910 score.png 18/11/2005 09:43 697 sound.png 18/11/2005 09:43 862 staroff.png 18/11/2005 09:43 1 830 staron.png 18/11/2005 09:43 2 187 tablenumber.png 18/11/2005 09:43 2 303 tablenumberup.png 18/11/2005 09:43 419 traynumber.png 18/11/2005 09:43 1 014 tutorialarrow.png 18/11/2005 09:43 1 880 tutorialbox.png 18/11/2005 09:43 6 924 tutorial_character.png 18/11/2005 09:43 11 027 upgradeanim.png 18/11/2005 09:43 1 457 upgradeanim.xml 14/05/2006 10:56 <REP> doodles 14/05/2006 10:56 <REP> upgrades 36 fichier(s) 132 310 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 155 coffee.png 18/11/2005 09:43 3 960 tables.png 18/11/2005 09:43 2 928 wallpaper.png 3 fichier(s) 12 043 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 301 drinks.png 18/11/2005 09:43 4 505 maitred.png 18/11/2005 09:43 3 783 oven.png 18/11/2005 09:43 4 177 select.png 18/11/2005 09:43 2 482 shoes.png 18/11/2005 09:43 4 267 stereo.png 18/11/2005 09:43 3 924 table.png 7 fichier(s) 25 439 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 14/05/2006 10:56 <REP> music 14/05/2006 10:56 <REP> sfx 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\music 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 55 809 mainmenumusic.ogg 1 fichier(s) 55 809 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 299 sfx_bring_check_1_snd.ogg 18/11/2005 09:43 3 602 sfx_deliver_food_1_snd.ogg 18/11/2005 09:43 5 560 sfx_deliver_order_1_snd.ogg 18/11/2005 09:43 9 248 sfx_diner.ogg 18/11/2005 09:43 3 906 sfx_dish_dropoff_1_snd.ogg 18/11/2005 09:43 3 932 sfx_food_ready_1_snd.ogg 18/11/2005 09:43 3 650 sfx_gain_heart_1.ogg 18/11/2005 09:43 14 169 sfx_get_drinks_1_snd.ogg 18/11/2005 09:43 6 727 sfx_party_arrive_1_snd.ogg 18/11/2005 09:43 4 861 sfx_pencil_write_2.ogg 18/11/2005 09:43 4 413 sfx_pickup_food_1_snd.ogg 18/11/2005 09:43 2 868 sfx_rollover_1.ogg 18/11/2005 09:43 4 862 sfx_seat_people_snd.ogg 13 fichier(s) 73 097 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 14/05/2006 10:56 <REP> old_male 14/05/2006 10:56 <REP> young_female 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 13 644 anim.xml 14/05/2006 10:56 <REP> blue 14/05/2006 10:56 <REP> green 14/05/2006 10:56 <REP> purple 14/05/2006 10:56 <REP> red 14/05/2006 10:56 <REP> yellow 1 fichier(s) 13 644 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 880 anim.png 18/11/2005 09:43 1 479 anim.xml 18/11/2005 09:43 678 sit_legs.png 3 fichier(s) 17 037 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 567 anim.png 18/11/2005 09:43 1 481 anim.xml 18/11/2005 09:43 626 sit_legs.png 3 fichier(s) 16 674 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 859 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 640 sit_legs.png 3 fichier(s) 16 982 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 840 anim.png 18/11/2005 09:43 1 477 anim.xml 18/11/2005 09:43 649 sit_legs.png 3 fichier(s) 16 966 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 982 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 786 sit_legs.png 3 fichier(s) 17 251 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 13 571 anim.xml 14/05/2006 10:56 <REP> blue 14/05/2006 10:56 <REP> green 14/05/2006 10:56 <REP> purple 14/05/2006 10:56 <REP> red 14/05/2006 10:56 <REP> yellow 1 fichier(s) 13 571 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 922 anim.png 18/11/2005 09:43 1 485 anim.xml 18/11/2005 09:43 476 sit_legs.png 3 fichier(s) 13 883 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 759 anim.png 18/11/2005 09:43 1 487 anim.xml 18/11/2005 09:43 448 sit_legs.png 3 fichier(s) 13 694 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 875 anim.png 18/11/2005 09:43 1 489 anim.xml 18/11/2005 09:43 475 sit_legs.png 3 fichier(s) 13 839 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 584 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 466 sit_legs.png 3 fichier(s) 13 533 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 12 011 anim.png 18/11/2005 09:43 1 489 anim.xml 18/11/2005 09:43 483 sit_legs.png 3 fichier(s) 13 983 octets Total des fichiers listés : 330 fichier(s) 23 559 412 octets 122 Rép(s) 156 226 093 056 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Liste des programmes installes 105462 Unistall 61478 Unistall 802.11 USB Wireless LAN Adapter Adobe Acrobat Reader 3.01 Adobe Flash Player 9 ActiveX Adobe Reader 6.0.1 Adobe Shockwave Player Adobe Type Manager 4.0 Agere Systems PCI Soft Modem ArcSoft Multimedia Email ATI Display Driver avast! Antivirus Barre d'outils MSN Big Fish Games Toolbar Camera Support Core Library Canon Camera Support Core Library Codeur Windows Media Série 9 Codeur Windows Media Série 9 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB891781 Creative WebCam Center Creative WebCam Vista Plus Driver (1.02.02.0414) eMule eMule0.47a MorphXT 8.1 ENPC PersoTEST EPSON Logiciel imprimante EPSON PhotoQuicker3.5 EPSON TWAIN 5 EPSON Web-To-Page ESC66 Guide de référence ESC66 Guide des logiciels GalleryPlayer Images GamesBar 1.0.0.9 Gestionnaire Internet Google Toolbar for Firefox High Definition Audio Driver Package - KB835221 High Definition Audio Driver Package - KB888111 HijackThis 1.99.1 Installer Yahoo! Messenger J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_05 Jeux Classiques Lecteur Windows Media 11 Les Sims 2 LFP Manager 06 Macromedia Flash Player Messenger Plus! Live Micro Application - Scrapbook Edition Spéciale Microsoft Office XP Professional avec FrontPage Microsoft Publisher 2002 Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Microsoft XML Parser MSN Navigateur Orange NTI Backup NOW! 3 NTI Backup NOW! 3 NTI CD & DVD-Maker NTI CD & DVD-Maker Gold Picasa 2 PowerDVD Print@Fujicolor QuickTime QuickTime Realtek High Definition Audio Driver SAMSUNG CDMA Modem Driver Set SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio Samsung PC Studio Samsung PC Studio 3 USB Driver Installer Samsung Samples Installer Sandlot Games Client Services ScanToWeb SimCity 3000 Tap'Touche 4 tomb TomTom HOME Ulead Photo Express 4.0 My Custom Edition Usb disk Driver Vodafone 804SS USB driver Software Wanadoo Messager WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Yahoo! Toolbar Yahoo! Toolbar avec bloqueur de fenêtres pop-up Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files 22/03/2005 14:15 <REP> . 22/03/2005 14:15 <REP> .. 22/03/2005 14:21 <REP> Adobe 08/12/2005 10:14 <REP> Adobe Type Manager 08/12/2005 10:17 <REP> Alwil Software 24/02/2006 18:10 <REP> ArcSoft 10/03/2006 14:14 <REP> AVSMedia 20/02/2007 17:54 <REP> BFG 20/02/2007 17:56 <REP> bfgtoolbar 18/02/2007 18:40 <REP> Boonty 18/02/2007 18:40 <REP> BoontyGames 25/12/2006 21:23 <REP> Canon 31/01/2007 22:44 <REP> ColiPoste 22/03/2005 14:19 <REP> ComPlus Applications 24/02/2006 18:07 <REP> Creative 22/03/2005 14:31 <REP> CyberLink 23/11/2005 17:55 <REP> EA GAMES 23/11/2005 16:37 <REP> EA SPORTS 23/01/2007 16:09 <REP> eMule 26/01/2007 16:21 6 596 038 emule0.47a.morphxt_8_1_installer.exe 07/02/2006 17:18 <REP> ENPC_PersoTEST1 06/12/2005 14:53 <REP> EPSON 22/03/2005 14:15 <REP> Fichiers communs 24/11/2005 13:33 <REP> Fujifilm 04/05/2006 21:58 <REP> Google 18/01/2007 18:14 <REP> Grisoft 17/01/2007 22:47 <REP> HijackThis 17/02/2007 15:05 <REP> Ihsv 22/03/2005 14:26 <REP> Intel 22/03/2005 14:19 <REP> Internet Explorer 06/03/2006 11:45 <REP> Inventel 28/08/2006 16:30 <REP> iWin 22/03/2005 14:27 <REP> Java 18/03/2006 13:45 <REP> Jeux classiques 27/12/2006 10:22 <REP> Lavasoft 12/07/2006 19:23 <REP> Maxis 22/03/2005 14:18 <REP> Messenger 24/12/2006 10:47 <REP> Messenger Plus! Live 09/01/2006 16:20 <REP> Micro Application 22/03/2005 14:22 <REP> microsoft frontpage 08/12/2005 10:04 <REP> Microsoft Office 08/12/2005 10:05 <REP> Microsoft Visual Studio 22/03/2005 14:19 <REP> Movie Maker 22/03/2005 14:18 <REP> MSN 25/02/2006 22:01 <REP> MSN Apps 07/06/2006 11:50 <REP> MSN Games 22/03/2005 14:18 <REP> MSN Gaming Zone 25/10/2006 22:57 <REP> MSN Messenger 22/03/2005 14:19 <REP> NetMeeting 22/03/2005 14:33 <REP> NewTech Infosystems 22/03/2005 14:19 <REP> Online Services 22/07/2006 15:17 <REP> orange 22/03/2005 14:19 <REP> Outlook Express 08/12/2005 10:13 <REP> PhotoDeluxe EE 1.0 23/01/2007 21:22 <REP> Picasa2 10/03/2006 11:54 <REP> QuickTime 27/06/2006 19:32 <REP> Real 22/03/2005 14:26 <REP> Realtek 27/06/2006 19:32 774 144 RngInterstitial.dll 01/02/2007 16:30 <REP> Samsung 28/07/2006 15:07 <REP> Securitoo 22/03/2005 14:20 <REP> Services en ligne 17/01/2007 19:05 <REP> Spyware Doctor 22/03/2005 14:28 <REP> Symantec 31/08/2006 21:14 <REP> Tap'Touche 4 25/03/2007 11:01 <REP> TomTom HOME 24/02/2006 18:09 <REP> Ulead Systems 05/11/2006 21:39 <REP> Virtools Web Player 3.5 06/07/2006 18:58 <REP> Wanadoo 06/07/2006 18:58 <REP> Wanadoo Messager 03/01/2007 12:01 <REP> Windows Media Components 22/03/2005 14:19 <REP> Windows Media Player 22/03/2005 14:18 <REP> Windows NT 17/01/2007 18:31 <REP> Winsos 22/03/2005 14:22 <REP> xerox 29/03/2006 23:26 <REP> Yahoo! 06/12/2006 20:58 <REP> Zylom Games 2 fichier(s) 7 370 182 octets 75 Rép(s) 156 226 912 256 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files\fichiers communs 22/03/2005 14:15 <REP> . 22/03/2005 14:15 <REP> .. 22/03/2005 14:15 <REP> Microsoft Shared 22/03/2005 14:15 <REP> SpeechEngines 22/03/2005 14:15 <REP> ODBC 22/03/2005 14:19 <REP> System 22/03/2005 14:19 <REP> MSSoap 22/03/2005 14:19 <REP> Services 22/03/2005 14:25 <REP> InstallShield 22/03/2005 14:27 <REP> Java 22/03/2005 14:29 <REP> Symantec Shared 04/12/2005 11:12 <REP> Adobe 08/12/2005 10:05 <REP> Designer 09/01/2006 16:20 <REP> Micro Application Shared 31/07/2006 14:00 278 528 FDEUnInstaller.exe 10/03/2006 14:14 <REP> AVSMedia 18/03/2006 13:45 <REP> Wise Installation Wizard 30/03/2006 21:22 <REP> Sandlot Shared 27/06/2006 19:32 <REP> Real 03/01/2007 11:40 <REP> MAGIX Shared 18/02/2007 18:41 <REP> BOONTY Shared 1 fichier(s) 278 528 octets 20 Rép(s) 156 226 912 256 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 22/03/2005 14:25 <REP> . 22/03/2005 14:25 <REP> .. 07/03/2001 07:00 127 033 MSOWS40c.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 13/02/2001 08:23 58 784 MSOSV.DLL 08/12/2005 10:05 <REP> 1036 08/12/2005 10:05 <REP> 1033 15/02/2001 05:45 1 318 912 MSONSEXT.DLL 22/01/2001 03:25 86 016 PKMWS.DLL 22/01/2001 03:25 24 576 PKMTRACE.DLL 06/08/2000 09:04 401 462 MSVCP60.DLL 22/01/2001 03:25 69 632 PKMAXCTL.DLL 22/01/2001 03:25 872 448 PKMCDO.DLL 22/01/2001 03:25 159 744 PKMCORE.DLL 07/02/2001 09:59 106 496 PKMFORMS.DLL 12/02/2001 04:03 684 032 PKMRES.DLL 22/01/2001 03:25 28 672 PKMSSTLB.DLL 22/01/2001 03:25 40 960 PKMTEMPL.DLL 22/01/2001 03:25 237 568 PROMDEMO.DLL 22/01/2001 03:25 184 320 SECMGR.DLL 22/01/2001 03:25 323 584 VAIDDMGR.DLL 22/01/2001 03:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 156 226 912 256 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\ 18/01/2007 23:19 126 976 zip.exe 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 24/05/2001 12:59 162 304 UNWISE.EXE 11/04/2007 11:52 9 358 xx1232255.exe 5 fichier(s) 470 158 octets 0 Rép(s) 156 226 912 256 octets libres c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\Setup.exe c:\Documents and Settings\marion\Local Settings\Temp\Install_Messenger.exe c:\Documents and Settings\marion\Mes documents\msgpluslive-411.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\fixwareout.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\sdfix.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\dumphive.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\HostsChk.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\Process.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\Reboot.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\restart.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swreg.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swsc.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swxcacls.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\unzip.exe c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\clean\clean\pskill.exe c:\Documents and Settings\marion\Mes documents\marion\install_messenger.exe c:\Documents and Settings\marion\Mes documents\marion\wmencoder.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\marion\Bureau\emule0.47c-installer.exe c:\Documents and Settings\marion\Bureau\picasaweb-current-setup.exe c:\Documents and Settings\marion\Application Data\MSNInstaller\msnauins.exe c:\Documents and Settings\marion\Application Data\WholeSecurity\CAT\WSUIEE.exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\OPW9P26M\zaasSetup_65_737_000_fr[1].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\zgame4[1].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\zgame4[2].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\ztool4[1].exe c:\Documents and Settings\guillaume\Mes documents\louvetain\rustbfix.exe c:\Documents and Settings\guillaume\Mes documents\louvetain\SDFix.exe c:\Documents and Settings\guillaume\Mes documents\louvetain\zaasSetup_65_737_000_fr.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\ATR1.EXE c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\DH2005.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\DH2005Patch1_2.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\TrophyViewer.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\unins000.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\uninspro.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\WebLauncher.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\instmsia.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\instmsiw.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\setup.exe c:\Documents and Settings\guillaume\Bureau\clean\pskill.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\dumphive.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\Process.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\Reboot.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\restart.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swreg.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swsc.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swxcacls.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\unzip.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\MyZylomExtension\MyZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomExtension\ZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\delicious.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Babel\fr-FR\babel.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Babel\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\_Setup.dll c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\_Setupx.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\marion\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVIP}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{0000278T-TT9K-T8DU-1KFV-23O5NTEJMVU6}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VVA}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VU0}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-83VE-238SHC0H2VVH}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG3-USK1-22JKKIT3EVV2}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-IB2C-219EDFQMGVVA}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{002AVPFP-JHLQ-ABE3-SM6K-20DE4GEHCVVJ}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVKO}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG5-V0BI-21QH2RV14VVR}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG6-LH31-23G9CBQV6VUC}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG2-LS5J-229F8D9V0VVC}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG2-FTST-22EV6QAI2VV1}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG7-9568-243JELPN2VVD}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
-
Voici le rapport clean: Script execute en mode sans echec Rapport clean par Malekal_morte - http://www.malekal.com Script execute en mode sans echec 17/04/2007 a 15:25:43,01 Microsoft Windows XP [version 5.1.2600] *** Suppression des fichiers dans C: *** Suppression des fichiers dans C:\WINDOWS\ *** Suppression des fichiers dans C:\WINDOWS\system32 tentative de suppression de C:\WINDOWS\system32\dlh9jkd?q?.exe tentative de suppression de C:\WINDOWS\system32\vx.tll tentative de suppression de "C:\WINDOWS\Downloaded Program Files\*_*_*NetInstaller.exe" tentative de suppression de "C:\Documents and Settings\marion\Application Data\hbtools\" *** Suppression des fichiers dans C:\Program Files tentative de suppression de "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\" tentative de suppression de "C:\Program Files\BraveSentry\" tentative de suppression de "C:\Program Files\GamesBar\" *** Suppression des clefs du registre effectuee.. *** Fin du rapport ! le rapport SDfix: SDFix: Version 1.78 Run by marion - 17/04/2007 - 15:27:34,25 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: Below files will be copied to Backups folder then removed: C:\Documents and Settings\marion\Local Settings\Temp\2.dllb - Deleted C:\Documents and Settings\marion\Local Settings\Temp\6.dllb - Deleted C:\Documents and Settings\marion\Local Settings\Temp\7.dllb - Deleted C:\WINDOWS\system32\zup.exe.exe - Deleted C:\WINDOWS\system32\inst.exe.exe - Deleted C:\DOCUME~1\marion\LOCALS~1\Temp\7a2951bd-5980-e70d-29d8-8b3e51a4ca66.tmp.exe - Deleted C:\DOCUME~1\marion\LOCALS~1\Temp\temp.exe - Deleted C:\WINDOWS\system32\peers.ini - Deleted C:\WINDOWS\system32\svcp.csv - Deleted C:\WINDOWS\system32\vexga4me1.exe - Deleted C:\WINDOWS\system32\vexga5me3.exe - Deleted Removing Temp Files ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Jeux classiques\\Bin\\CmCenterV2.exe"="C:\\Program Files\\Jeux classiques\\Bin\\CmCenterV2.exe:*:Disabled:CmCenter Module" "C:\\Documents and Settings\\guillaume\\Mes documents\\Deer Hunter 2005\\DH2005.exe"="C:\\Documents and Settings\\guillaume\\Mes documents\\Deer Hunter 2005\\DH2005.exe:*:Enabled:DH2005" "C:\\My Games\\JEOPARDY!\\JEOPARDY!.exe"="C:\\My Games\\JEOPARDY!\\JEOPARDY!.exe:*:Disabled:JEOPARDY!" "C:\\WINDOWS\\System32\\dpvsetup.exe"="C:\\WINDOWS\\System32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"="C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe:*:Disabled:Navigateur Internet" "C:\\Program Files\\EA SPORTS\\Madden NFL 2003\\mainapp.exe"="C:\\Program Files\\EA SPORTS\\Madden NFL 2003\\mainapp.exe:*:Disabled:mainapp" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\WINDOWS\\system32\\dllcache\\svcshoter.exe"="C:\\WINDOWS\\system32\\dllcache\\svcshoter.exe:*:Enabled:Microsoft Star Window Service" "C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:svchost" "C:\\Program Files\\WINSOS\\winsos.exe"="C:\\Program Files\\Winsos\\winsos.exe:*:Enabled:Winsos" "C:\\Program Files\\WINSOS\\anti-spy.exe"="C:\\Program Files\\Winsos\\anti-spy.exe:*:Enabled:anti-spy Winsos" "C:\\Program Files\\WINSOS\\help.exe"="C:\\Program Files\\Winsos\\help.exe:*:Enabled:Winsos Help" "C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player" "C:\\Program Files\\Windows Media Components\\Encoder\\WMEnc.exe"="C:\\Program Files\\Windows Media Components\\Encoder\\WMEnc.exe:*:Enabled:Windows Media Encoder" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" Remaining Files: --------------- Backups Folder: - C:\SDFix\backups\backups.zip Checking For Files with Hidden Attributes: C:\WINDOWS\system32\NTICDMK32.dll C:\WINDOWS\system32\NTIMPEG2.dll C:\WINDOWS\system32\ntiembed.dll C:\Program Files\Picasa2\setup.exe C:\Documents and Settings\marion\Mes documents\chasse\SIV4.tmp C:\Documents and Settings\marion\Mes documents\cuisine\plat\~WRL0002.tmp C:\Documents and Settings\marion\Mes documents\cuisine\plat\~WRL0005.tmp Finished le rapport SmitFraudfix: SmitFraudFix v2.169 Rapport fait à 15:24:34,20, 17/04/2007 Executé à partir de C:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\xpupdate.exe supprimé C:\WINDOWS\system32\kernels32.exe supprimé C:\Documents and Settings\marion\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusBlast v5.0.lnk supprimé détecté ! utilisez un scanner de Rootkit »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin et le log HiJackThis: Logfile of HijackThis v1.99.1 Scan saved at 15:40:29, on 17/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\WANADOO\TaskBarIcon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\WANADOO\GestionnaireInternet.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\PROGRA~1\WANADOO\Toaster.exe C:\PROGRA~1\WANADOO\Inactivity.exe C:\PROGRA~1\WANADOO\PollingModule.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\WANADOO\Watch.exe C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [runner1] C:\WINDOWS\updater.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
-
voici mes différents rapports: SmitFraudFix v2.169 Rapport fait à 12:59:04,84, 17/04/2007 Executé à partir de C:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe C:\WINDOWS\system32\kernels32.exe C:\PROGRA~1\WANADOO\TaskBarIcon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\xpupdate.exe C:\Program Files\BraveSentry\BraveSentry.exe C:\PROGRA~1\WANADOO\GestionnaireInternet.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\PROGRA~1\WANADOO\Toaster.exe C:\PROGRA~1\WANADOO\Inactivity.exe C:\PROGRA~1\WANADOO\PollingModule.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\WANADOO\Watch.exe C:\WINDOWS\system32\dlh9jkd1q6.exe C:\WINDOWS\system32\dlh9jkd1q7.exe C:\WINDOWS\system32\dlh9jkd1q6.exe C:\WINDOWS\system32\dlh9jkd1q7.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe C:\PROGRA~1\WANADOO\WOOBRO~1\DownloadManager.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS C:\WINDOWS\xpupdate.exe PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\kernels32.exe PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\marion »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\marion\Application Data C:\Documents and Settings\marion\Application Data\Install.dat PRESENT ! C:\Documents and Settings\marion\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusBlast v5.0.lnk PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\marion\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files C:\Program Files\BraveSentry\ PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "system"="cshky.exe" »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32 »»»»»»»»»»»»»»»»»»»»»»»» DNS Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté ! Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets DNS Server Search Order: 85.255.116.56 DNS Server Search Order: 85.255.112.146 Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté ! Description: Inventel Gateway #2 - Miniport d'ordonnancement de paquets DNS Server Search Order: 85.255.116.56 DNS Server Search Order: 85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin SmitFraudFix v2.169 Rapport fait à 12:59:04,84, 17/04/2007 Executé à partir de C:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe C:\WINDOWS\system32\kernels32.exe C:\PROGRA~1\WANADOO\TaskBarIcon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\xpupdate.exe C:\Program Files\BraveSentry\BraveSentry.exe C:\PROGRA~1\WANADOO\GestionnaireInternet.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\PROGRA~1\WANADOO\Toaster.exe C:\PROGRA~1\WANADOO\Inactivity.exe C:\PROGRA~1\WANADOO\PollingModule.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\WANADOO\Watch.exe C:\WINDOWS\system32\dlh9jkd1q6.exe C:\WINDOWS\system32\dlh9jkd1q7.exe C:\WINDOWS\system32\dlh9jkd1q6.exe C:\WINDOWS\system32\dlh9jkd1q7.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe C:\PROGRA~1\WANADOO\WOOBRO~1\DownloadManager.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS C:\WINDOWS\xpupdate.exe PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\kernels32.exe PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\marion »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\marion\Application Data C:\Documents and Settings\marion\Application Data\Install.dat PRESENT ! C:\Documents and Settings\marion\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusBlast v5.0.lnk PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\marion\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files C:\Program Files\BraveSentry\ PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "system"="cshky.exe" »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32 »»»»»»»»»»»»»»»»»»»»»»»» DNS Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté ! Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets DNS Server Search Order: 85.255.116.56 DNS Server Search Order: 85.255.112.146 Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté ! Description: Inventel Gateway #2 - Miniport d'ordonnancement de paquets DNS Server Search Order: 85.255.116.56 DNS Server Search Order: 85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: DhcpNameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Logfile of HijackThis v1.99.1 Scan saved at 13:15:38, on 17/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe C:\PROGRA~1\WANADOO\TaskBarIcon.exe C:\WINDOWS\system32\kernels32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\WANADOO\GestionnaireInternet.exe C:\Program Files\BraveSentry\BraveSentry.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\PROGRA~1\WANADOO\Toaster.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\PROGRA~1\WANADOO\Inactivity.exe C:\PROGRA~1\WANADOO\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\WANADOO\Watch.exe C:\WINDOWS\system32\dlh9jkd1q2.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\dlh9jkd1q6.exe C:\WINDOWS\system32\dlh9jkd1q7.exe C:\WINDOWS\system32\dlh9jkd1q6.exe C:\WINDOWS\system32\dlh9jkd1q7.exe C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winpornvids.com/ to verify your age, REQUIRED! WARNING! Adult pictures are featured in this site. Only adults permitted beyond this point! Are you at least 18 years old R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [sDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe" O4 - HKLM\..\Run: [system] C:\WINDOWS\system32\kernels32.exe O4 - HKLM\..\Run: [runner1] C:\WINDOWS\updater.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [brave-Sentry] C:\Program Files\BraveSentry\BraveSentry.exe O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_fr.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer = 85.255.116.56,85.255.112.146 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe Fixwareout Last edited 4/5/2007 Post this report in the forums please ... »»»»»Prerun check »»»»» System restarted »»»»» Postrun check HKLM\SOFTWARE\~\Winlogon\ "system"="" .... .... »»»»» Misc files. C:\WINDOWS\xpupdate.exe Deleted .... »»»»» Checking for older varients. .... Search five digit cs, dm, kd, jb, other, files. The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection. C:\WINDOWS\system32\cszgj.exe 52759 12/03/2007 C:\WINDOWS\system32\cspqa.exe 34827 05/08/2004 Click browse, find the file then click submit. http://www.virustotal.com/flash/index_en.html Or http://virusscan.jotti.org/ »»»»» Other C:\WINDOWS\TEMP\dmauj.ren 57877 05/08/2004 »»»»» Current runs [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe" "RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\"" "MPS"="C:\\ACER\\PSM.EXE" "AGRSMMSG"="AGRSMMSG.exe" "High Definition Audio Property Page Shortcut"="HDAShCut.exe" "SoundMan"="SOUNDMAN.EXE" "AlcWzrd"="ALCWZRD.EXE" "Alcmtr"="ALCMTR.EXE" "Alaunch"="C:\\Windows\\alaunch.exe" "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe" "Creative WebCam Tray"="C:\\Program Files\\Creative\\Shared Files\\CAMTRAY.EXE" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "Anniversaires"="C:\\Anuman Interactive\\Le journal de votre naissance\\anniv.exe" "WOOWATCH"="C:\\PROGRA~1\\WANADOO\\Watch.exe" "WOOTASKBARICON"="C:\\PROGRA~1\\WANADOO\\GestMaj.exe TaskBarIcon.exe" "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe" "SDR6V_Check"="\"C:\\Program Files\\Fichiers communs\\DriveCleaner 2006 Free\\SDRmon.exe\"" "System"="C:\\WINDOWS\\system32\\kernels32.exe" "runner1"="C:\\WINDOWS\\updater.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "WOOKIT"="C:\\PROGRA~1\\WANADOO\\Shell.exe appLaunchClientZone.shl|PARAM= cnx" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background" @="" "Brave-Sentry"="C:\\Program Files\\BraveSentry\\BraveSentry.exe" .... Hosts file was reset, If you use a custom hosts file please replace it »»»»» End report »»»»»
-
Bonjour mon ordinateur est infecté par un cheval de troie je vous envoie mon rapport hijackthis Logfile of HijackThis v1.99.1 Scan saved at 12:52:00, on 17/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe C:\WINDOWS\system32\kernels32.exe C:\PROGRA~1\WANADOO\TaskBarIcon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\xpupdate.exe C:\Program Files\BraveSentry\BraveSentry.exe C:\PROGRA~1\WANADOO\GestionnaireInternet.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\PROGRA~1\WANADOO\Toaster.exe C:\PROGRA~1\WANADOO\Inactivity.exe C:\PROGRA~1\WANADOO\PollingModule.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\WANADOO\Watch.exe C:\WINDOWS\system32\dlh9jkd1q6.exe C:\WINDOWS\system32\dlh9jkd1q7.exe C:\WINDOWS\system32\dlh9jkd1q6.exe C:\WINDOWS\system32\dlh9jkd1q7.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10MT2.EXE C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winpornvids.com/ to verify your age, REQUIRED! WARNING! Adult pictures are featured in this site. Only adults permitted beyond this point! Are you at least 18 years old R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [sDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe" O4 - HKLM\..\Run: [system] C:\WINDOWS\system32\kernels32.exe O4 - HKLM\..\Run: [runner1] C:\WINDOWS\updater.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe O4 - HKCU\..\Run: [brave-Sentry] C:\Program Files\BraveSentry\BraveSentry.exe O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_fr.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer = 85.255.116.56,85.255.112.146 O17 - HKLM\System\CCS\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer = 85.255.116.56,85.255.112.146 O17 - HKLM\System\CCS\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer = 85.255.116.56,85.255.112.146 O17 - HKLM\System\CCS\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer = 85.255.116.56,85.255.112.146 O17 - HKLM\System\CCS\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer = 85.255.116.56,85.255.112.146 O17 - HKLM\System\CCS\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer = 85.255.116.56,85.255.112.146 O17 - HKLM\System\CCS\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer = 85.255.116.56,85.255.112.146 O17 - HKLM\System\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer = 85.255.116.56,85.255.112.146 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Windows Management Service - Unknown owner - C:\WINDOWS\system32\dmauj.exe merci d'avance
-
besoin d'un rapport HijackThis
haguima a répondu à un(e) sujet de haguima dans Analyses et éradication malwares
merci encore pour votre aide -
besoin d'un rapport HijackThis
haguima a répondu à un(e) sujet de haguima dans Analyses et éradication malwares
Scan taken on 22 Jan 2007 19:50:11 (GMT) AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing VirusBuster Found nothing VBA32 Found nothing -
besoin d'un rapport HijackThis
haguima a répondu à un(e) sujet de haguima dans Analyses et éradication malwares
effectivement l'ordinateur va mieux voici les nouveaux rapports: C:\WINDOWS\System32\vsconfig.xml -->22/01/2007 17:46:26 C:\WINDOWS\System32\PCANDIS5.sys -->21/01/2007 22:58:22 C:\WINDOWS\System32\W32N50.dll -->21/01/2007 22:58:22 C:\WINDOWS\System32\zllictbl.dat -->21/01/2007 22:43:48 C:\WINDOWS\System32\tmp.txt -->18/01/2007 18:29:52 C:\WINDOWS\System32\tmp.reg -->18/01/2007 18:29:52 C:\WINDOWS\System32\peers.ini -->17/01/2007 21:35:58 C:\WINDOWS\System32\ikhcore.log -->17/01/2007 20:48:06 C:\WINDOWS\System32\wpa.dbl -->17/01/2007 19:20:26 C:\WINDOWS\System32\CONFIG.NT -->17/01/2007 17:36:22 C:\WINDOWS\System32\dip.exe -->17/01/2007 15:34:36 C:\WINDOWS\System32\AdobeFnt.lst -->17/01/2007 12:06:52 C:\WINDOWS\System32\aswBoot.exe -->15/01/2007 18:32:08 C:\WINDOWS\System32\AVASTSS.scr -->15/01/2007 18:23:20 C:\WINDOWS\System32\FNTCACHE.DAT -->04/01/2007 09:00:22 C:\WINDOWS\System32\LegitCheckControl.DLL -->12/12/2006 10:45:04 C:\WINDOWS\System32\swxcacls.exe -->01/12/2006 05:20:34 C:\WINDOWS\System32\mgxoschk.dll -->13/09/2006 13:44:22 C:\WINDOWS\System32\swreg.exe -->29/08/2006 18:43:54 C:\WINDOWS\System32\vsutil_loc040c.dll -->23/08/2006 23:39:32 C:\WINDOWS\System32\vsdatant.sys -->23/08/2006 23:38:36 C:\WINDOWS\System32\zlcomm.dll -->23/08/2006 23:38:06 C:\WINDOWS\System32\zlcommdb.dll -->23/08/2006 23:38:06 C:\WINDOWS\System32\vswmi.dll -->23/08/2006 23:38:04 C:\WINDOWS\System32\vsxml.dll -->23/08/2006 23:38:04 C:\WINDOWS\WindowsUpdate.log -->22/01/2007 17:52:40 C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt -->22/01/2007 17:46:22 C:\WINDOWS\wiadebug.log -->22/01/2007 17:46:20 C:\WINDOWS\bootstat.dat -->22/01/2007 17:46:02 C:\WINDOWS\SchedLgU.Txt -->22/01/2007 17:45:30 C:\WINDOWS\wiaservc.log -->22/01/2007 17:45:24 C:\WINDOWS\win.ini -->22/01/2007 17:45:14 C:\WINDOWS\system.ini -->22/01/2007 17:45:14 C:\WINDOWS\gmer.ini -->21/01/2007 21:34:52 C:\WINDOWS\gmer_uninstall.cmd -->21/01/2007 21:34:22 C:\WINDOWS\gmer.dll -->21/01/2007 21:34:22 C:\WINDOWS\NAVIGMA.INI -->17/01/2007 18:04:12 C:\WINDOWS\S -->16/01/2007 19:20:22 C:\WINDOWS\SStylerProDemo.ini -->06/01/2007 20:35:24 C:\WINDOWS\wininit.ini -->03/01/2007 11:57:22 C:\WINDOWS\twunk_16.exe |01/01/1980 00:00:00 C:\WINDOWS\twunk_32.exe |01/01/1980 00:00:00 C:\WINDOWS\SETR.EXE |01/01/1980 00:00:00 C:\WINDOWS\AMOVE.EXE |01/01/1980 00:00:00 C:\WINDOWS\ALAUNCH.EXE |01/01/1980 00:00:00 C:\WINDOWS\EHIB.EXE |01/01/1980 00:00:00 C:\WINDOWS\GalleryPlayer Images Uninstaller.exe |03/10/2005 19:40:02 C:\WINDOWS\gmer.exe |21/01/2007 21:34:21 C:\WINDOWS\uninst.exe |06/01/2007 14:48:06 C:\WINDOWS\IsUninst.exe |06/01/2007 14:52:23 C:\WINDOWS\AGRSMMSG.exe |01/01/1980 00:00:00 C:\WINDOWS\agrsmdel.exe |01/01/1980 00:00:00 C:\WINDOWS\SoundMan.exe |22/03/2005 14:26:50 C:\WINDOWS\RTHDCPL.EXE |22/03/2005 14:26:50 C:\WINDOWS\RTLCPL.EXE |22/03/2005 14:26:49 C:\WINDOWS\ALCWZRD.EXE |22/03/2005 14:26:50 C:\WINDOWS\unin040c.exe |08/12/2005 10:12:00 C:\WINDOWS\CtDrvIns.exe |24/02/2006 18:11:52 C:\WINDOWS\V0090Cfg.exe |24/02/2006 18:11:52 C:\WINDOWS\Ctregrun.exe |24/02/2006 18:12:30 C:\WINDOWS\IsUn040c.exe |11/02/2006 14:28:33 C:\WINDOWS\twain.dll |01/01/1980 00:00:00 C:\WINDOWS\twain_32.dll |01/01/1980 00:00:00 C:\WINDOWS\sysgtime.dll |07/01/2000 01:00:00 C:\WINDOWS\gmer.dll |21/01/2007 21:34:21 C:\WINDOWS\RtlExUpd.dll |03/04/2005 02:24:24 C:\WINDOWS\kpapi32.dll |08/12/2005 10:13:17 C:\WINDOWS\kpcp32.dll |08/12/2005 10:13:17 C:\WINDOWS\kpsys32.dll |08/12/2005 10:13:17 C:\WINDOWS\Sprof32.dll |08/12/2005 10:13:17 C:\WINDOWS\pcdlib32.dll |08/12/2005 10:13:17 C:\WINDOWS\system32\append.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\debug.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 17:47:34 C:\WINDOWS\system32\edlin.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\exe2bin.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\fastopen.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mem.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\mscdexnt.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\nlsfunc.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\setver.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\share.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 17:47:48 C:\WINDOWS\system32\java.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\dosx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\redir.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\javaw.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\aswBoot.exe |08/12/2005 10:17:54 C:\WINDOWS\system32\javaws.exe |04/05/2006 21:58:40 C:\WINDOWS\system32\ASPTV.EXE |01/01/1980 00:00:00 C:\WINDOWS\system32\ASPFM.EXE |01/01/1980 00:00:00 C:\WINDOWS\system32\swreg.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\swsc.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\dumphive.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\swxcacls.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\dip.exe |17/01/2007 15:34:34 C:\WINDOWS\system32\Hdaudpropshortcut.exe |17/03/2004 15:10:40 C:\WINDOWS\system32\Process.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\SrchSTS.exe |17/01/2007 23:42:32 C:\WINDOWS\system32\creLink.exe |22/03/2005 14:34:45 C:\WINDOWS\system32\CreMan.exe |22/03/2005 14:35:01 C:\WINDOWS\system32\Ati2mdxx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2evxx.exe |01/01/1980 00:00:00 C:\WINDOWS\system32\ChCfg.exe |03/04/2005 02:24:28 C:\WINDOWS\system32\HdAShCut.exe |07/01/2005 17:07:16 C:\WINDOWS\system32\MaggiUninstall60.exe |06/01/2007 14:48:19 C:\WINDOWS\system32\TVIcon.exe |23/11/2005 16:22:42 C:\WINDOWS\system32\V0090Srv.exe |24/02/2006 18:11:52 C:\WINDOWS\system32\unwlsdrv.exe |06/01/2005 15:04:00 C:\WINDOWS\system32\ir32_32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgaw400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgdw400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgmd400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgpl400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgsd400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\jgsh400.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 17:47:06 C:\WINDOWS\system32\msencode.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbrccsp.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\spnike.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 17:47:18 C:\WINDOWS\system32\tsd32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\win87em.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\paqsp.dll |23/08/2001 17:47:16 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 17:47:20 C:\WINDOWS\system32\amstream.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atmfd.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atmlib.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\compatUI.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\encdec.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\iccvid.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ieencode.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\msdmo.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\qedwipes.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\sbe.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbcsp.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\slbiop.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir41_qc.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir41_qcx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_qc.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ir50_qcx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ltkrn13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\EqnClass.Dll |22/03/2005 14:15:29 C:\WINDOWS\system32\spxcoins.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\dgsetup.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\dgrpsetu.dll |22/03/2005 14:15:29 C:\WINDOWS\system32\ltfil13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltdis13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltimg13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfbmp13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfcmp13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\ltefx13n.dll |22/08/2006 17:54:50 C:\WINDOWS\system32\lfgif13n.dll |22/08/2006 17:54:52 C:\WINDOWS\system32\lame_enc.dll |11/04/2000 20:44:56 C:\WINDOWS\system32\epcomdd.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\ESDTR.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\ESICM.dll |29/11/2006 16:27:35 C:\WINDOWS\system32\esccm.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\esccmd.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\esccmn.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimg.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimgd.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escimgn.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwiab.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwiad.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\escwian.dll |29/11/2006 16:27:37 C:\WINDOWS\system32\vsdata.dll |21/01/2007 21:29:52 C:\WINDOWS\system32\vsutil.dll |21/01/2007 21:29:52 C:\WINDOWS\system32\vsmonapi.dll |21/01/2007 21:30:23 C:\WINDOWS\system32\vspubapi.dll |21/01/2007 21:30:23 C:\WINDOWS\system32\vsinit.dll |21/01/2007 21:29:52 C:\WINDOWS\system32\zlcommdb.dll |21/01/2007 21:30:28 C:\WINDOWS\system32\mgxoschk.dll |03/01/2007 11:39:29 C:\WINDOWS\system32\INETWH32.dll |03/01/2007 11:39:50 C:\WINDOWS\system32\ROBOEX32.DLL |24/02/2006 18:09:53 C:\WINDOWS\system32\vsxml.dll |21/01/2007 21:30:24 C:\WINDOWS\system32\vswmi.dll |21/01/2007 21:30:24 C:\WINDOWS\system32\zlcomm.dll |21/01/2007 21:30:28 C:\WINDOWS\system32\vsregexp.dll |21/01/2007 21:30:30 C:\WINDOWS\system32\hticons.dll |22/03/2005 14:18:52 C:\WINDOWS\system32\Hdaudprop.dll |17/03/2004 15:10:40 C:\WINDOWS\system32\isrdbg32.dll |22/03/2005 14:19:50 C:\WINDOWS\system32\Hdaudpropres.dll |18/03/2004 17:18:08 C:\WINDOWS\system32\NTICDMK32.dll |22/03/2005 14:33:49 C:\WINDOWS\system32\NTIMPEG2.dll |22/03/2005 14:33:49 C:\WINDOWS\system32\multiplex_vcd.dll |26/12/2001 16:12:30 C:\WINDOWS\system32\Hmpg12.dll |03/09/2001 23:46:38 C:\WINDOWS\system32\HMPV2_ENC.dll |30/07/2001 16:33:56 C:\WINDOWS\system32\HMPV2_ENC_MMX.dll |23/07/2001 22:04:36 C:\WINDOWS\system32\vboxs430.dll |12/09/2000 20:24:29 C:\WINDOWS\system32\ntiembed.dll |22/03/2005 14:34:20 C:\WINDOWS\system32\ati2dvag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2cqag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati3duag.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ativvaxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ATIDDC.DLL |01/01/1980 00:00:00 C:\WINDOWS\system32\atitvo32.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ativcoxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2evxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atipdlxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\Oemdspif.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ati2edxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\ATIDEMGR.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atioglxx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\atiiiexx.dll |01/01/1980 00:00:00 C:\WINDOWS\system32\Esint23.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\Esintpl.dll |29/11/2006 16:27:34 C:\WINDOWS\system32\Epfb5cpl.dll |29/11/2006 16:27:36 C:\WINDOWS\system32\HdAProp.dll |07/01/2005 17:07:16 C:\WINDOWS\system32\HdAudRes.dll |07/01/2005 17:07:04 C:\WINDOWS\system32\HtmlWH.dll |03/01/2007 11:39:49 C:\WINDOWS\system32\RtlCPAPI.dll |22/03/2005 14:26:49 C:\WINDOWS\system32\libeay32_0.9.6l.dll |21/01/2007 21:30:30 C:\WINDOWS\system32\vp6vfw.dll |23/11/2005 17:55:34 C:\WINDOWS\system32\vsutil_loc040c.dll |21/01/2007 21:30:33 C:\WINDOWS\system32\EBPMON24.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\ECBTEG.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\EBPCHP.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\E_DCINST.DLL |06/12/2005 14:53:57 C:\WINDOWS\system32\Epcmlib.dll |06/12/2005 14:54:51 C:\WINDOWS\system32\PCDLIB32.DLL |09/12/1998 02:53:58 C:\WINDOWS\system32\cppenv25.dll |08/12/2005 10:13:15 C:\WINDOWS\system32\EZIMG25.dll |08/12/2005 10:13:16 C:\WINDOWS\system32\WINSIZE.DLL |08/12/2005 10:13:16 C:\WINDOWS\system32\Snap32n.dll |08/12/2005 10:13:17 C:\WINDOWS\system32\MSVCRT10.DLL |08/12/2005 10:13:17 C:\WINDOWS\system32\ATMDRVR.DLL |08/12/2005 10:14:25 C:\WINDOWS\system32\WooDial2000.dll |24/02/2006 17:42:20 C:\WINDOWS\system32\rnaph.dll |24/02/2006 17:42:13 C:\WINDOWS\system32\CtCamMgr.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\CtRegApp.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Hwx.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Pin.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Sti.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\V0090Vfw.dll |24/02/2006 18:11:52 C:\WINDOWS\system32\hypertrm.dll |22/03/2005 14:18:48 C:\WINDOWS\system32\W32N50.dll |06/03/2006 11:22:41 C:\WINDOWS\system32\ffJmpWeb.dll |06/03/2006 11:38:09 C:\WINDOWS\system32\mcdvd_32.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\divx.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\xvidcore.dll |10/03/2006 14:14:45 C:\WINDOWS\system32\xvidvfw.dll |10/03/2006 14:14:45 Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\system 23/08/2001 05:00 9 728 regsvr32.exe 1 fichier(s) 9 728 octets 0 Rép(s) 163 609 935 872 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\system32 05/08/2004 05:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 163 609 935 872 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\WINDOWS\Downloaded Program Files 22/03/2005 14:20 <REP> . 22/03/2005 14:20 <REP> .. 22/03/2005 14:20 65 desktop.ini 14/08/2005 00:26 113 664 MsnMessengerSetupDownloader.ocx 30/06/2005 15:19 227 MsnMessengerSetupDownloader.inf 10/11/2005 14:05 876 jinstall-1_5_0_06.inf 14/05/2006 10:56 <REP> DinerDash.1.0.0.58 03/06/2002 17:53 144 QTPlugin.inf 20/04/2006 13:44 24 393 tra2_2_5.rc 19/04/2006 14:26 1 363 968 PIXACODnDUpload.ocx 24/04/2006 13:59 206 PIXACODnDUpload.inf 19/06/2002 14:11 117 088 PURen-us.dll 15/10/2004 07:59 110 592 PURfr-xx.dll 25/06/2006 12:50 1 793 erma.inf 26/05/2005 04:19 293 muweb.inf 20/06/2006 15:44 379 704 MsnPUpld.dll 19/06/2006 14:40 393 MsnPUpld.inf 17/05/2006 14:32 161 480 rufsi.dll 17/05/2006 14:29 241 CabSA.inf 20/12/2006 01:00 124 584 naveng32.dll 20/12/2006 01:00 882 344 navex32a.dll 20/12/2006 01:00 2 504 catalog.dat 20/12/2006 01:00 272 040 ecmsvr32.dll 20/12/2006 01:00 6 899 ecbootil.vxd 20/12/2006 01:00 32 virscant.dat 20/12/2006 01:00 974 242 virscan1.dat 20/12/2006 01:00 569 910 virscan2.dat 20/12/2006 01:00 147 296 virscan3.dat 20/12/2006 01:00 320 186 virscan4.dat 20/12/2006 01:00 3 086 703 virscan5.dat 20/12/2006 01:00 390 030 virscan6.dat 20/12/2006 01:00 5 396 298 virscan7.dat 20/12/2006 01:00 1 650 979 virscan8.dat 20/12/2006 01:00 3 940 959 virscan9.dat 20/12/2006 01:00 224 zdone.dat 20/12/2006 01:00 106 244 virscan.inf 20/12/2006 01:00 97 696 scrauth.dat 20/12/2006 01:00 453 tinf.dat 20/12/2006 01:00 148 tinfidx.dat 20/12/2006 01:00 1 957 tinfl.dat 20/12/2006 01:00 64 048 tscan1.dat 20/12/2006 01:00 3 072 tscan1hd.dat 20/12/2006 01:00 1 061 symaveng.inf 20/12/2006 01:00 9 237 symaveng.cat 20/12/2006 01:00 187 543 tcdefs.dat 20/12/2006 01:00 1 172 076 tcscan7.dat 20/12/2006 01:00 323 242 tcscan8.dat 20/12/2006 01:00 728 804 tcscan9.dat 20/12/2006 01:00 4 778 v.grd 20/12/2006 01:00 2 261 v.sig 28/12/2006 17:58 2 072 vscanmsx.dat 09/11/2006 14:36 5 019 swflash.inf 11/12/2006 16:44 367 LegitCheckControl.inf 08/08/2006 11:45 576 kavwebscan.inf 51 fichier(s) 22 751 011 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:46 995 328 dinerdash.exe 14/05/2006 10:56 <REP> assets 1 fichier(s) 995 328 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 460 playfirst_logo.png 18/11/2005 09:43 11 803 strings.xml 14/05/2006 10:56 <REP> accessories 14/05/2006 10:56 <REP> backgrounds 14/05/2006 10:56 <REP> buttons 14/05/2006 10:56 <REP> comics 14/05/2006 10:56 <REP> config 14/05/2006 10:56 <REP> cook 14/05/2006 10:56 <REP> cursor 14/05/2006 10:56 <REP> flo 14/05/2006 10:56 <REP> fonts 14/05/2006 10:56 <REP> furniture 14/05/2006 10:56 <REP> hiscore 14/05/2006 10:56 <REP> layouts 14/05/2006 10:56 <REP> restaurants 14/05/2006 10:56 <REP> scripts 14/05/2006 10:56 <REP> splash 14/05/2006 10:56 <REP> ui 14/05/2006 10:56 <REP> audio 14/05/2006 10:56 <REP> customers 2 fichier(s) 17 263 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 568 cup.png 18/11/2005 09:43 619 customer_cup.png 18/11/2005 09:43 239 heart.png 18/11/2005 09:43 927 menu_down.png 18/11/2005 09:43 1 244 menu_up.png 18/11/2005 09:43 850 plates.png 18/11/2005 09:43 741 ticket.png 18/11/2005 09:43 1 639 tray.png 8 fichier(s) 6 827 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 319 choosedifficulty.png 18/11/2005 09:43 12 316 credits.jpg 18/11/2005 09:43 12 927 flo_lose.png 18/11/2005 09:43 13 807 flo_win.png 18/11/2005 09:43 16 725 help1.jpg 18/11/2005 09:43 18 595 help2.jpg 18/11/2005 09:43 14 327 highscores.jpg 18/11/2005 09:43 14 586 levelintro.jpg 18/11/2005 09:43 2 967 levelintro_mask.png 18/11/2005 09:43 14 582 levelover.jpg 18/11/2005 09:43 3 383 levelover_mask.png 18/11/2005 09:43 43 278 mainmenu.jpg 18/11/2005 09:43 7 362 popup.jpg 18/11/2005 09:43 1 899 popup_mask.png 18/11/2005 09:43 6 010 upgradegrid.png 18/11/2005 09:43 3 218 upgradetitle.png 18/11/2005 09:43 39 050 upsell.jpg 17 fichier(s) 226 351 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 825 arrowleft_blue.png 18/11/2005 09:43 995 arrowleft_yellow.png 18/11/2005 09:43 827 arrowright_blue.png 18/11/2005 09:43 991 arrowright_yellow.png 18/11/2005 09:43 2 326 backchalk.png 18/11/2005 09:43 2 960 backchalkup.png 18/11/2005 09:43 1 420 backtomenu_blue.png 18/11/2005 09:43 1 393 backtomenu_yellow.png 18/11/2005 09:43 1 795 back_blue.png 18/11/2005 09:43 1 761 back_yellow.png 18/11/2005 09:43 2 403 cancel.png 18/11/2005 09:43 2 368 cancelup.png 18/11/2005 09:43 2 722 career.png 18/11/2005 09:43 2 714 career_over.png 18/11/2005 09:43 2 156 close.png 18/11/2005 09:43 2 223 closeup.png 18/11/2005 09:43 3 346 continue.png 18/11/2005 09:43 3 208 continueover.png 18/11/2005 09:43 1 378 credits_blue.png 18/11/2005 09:43 1 365 credits_yellow.png 18/11/2005 09:43 2 073 download_blue.png 18/11/2005 09:43 2 081 download_yellow.png 18/11/2005 09:43 2 530 easy.png 18/11/2005 09:43 1 695 easy_over.png 18/11/2005 09:43 2 882 endlessshift.png 18/11/2005 09:43 2 886 endlessshift_over.png 18/11/2005 09:43 2 525 hard.png 18/11/2005 09:43 1 780 hard_over.png 18/11/2005 09:43 1 397 help.png 18/11/2005 09:43 1 395 help_over.png 18/11/2005 09:43 2 871 highscores.png 18/11/2005 09:43 2 871 highscores_over.png 18/11/2005 09:43 1 492 instructions_blue.png 18/11/2005 09:43 1 487 instructions_yellow.png 18/11/2005 09:43 1 491 letsplay.png 18/11/2005 09:43 1 491 letsplayover.png 18/11/2005 09:43 2 934 medium.png 18/11/2005 09:43 1 972 medium_over.png 18/11/2005 09:43 2 909 moreinfo.png 18/11/2005 09:43 2 903 moreinfoup.png 18/11/2005 09:43 580 off.png 18/11/2005 09:43 580 off_on.png 18/11/2005 09:43 505 on.png 18/11/2005 09:43 504 on_on.png 18/11/2005 09:43 827 pause.png 18/11/2005 09:43 843 pauseover.png 18/11/2005 09:43 2 835 quit.png 18/11/2005 09:43 3 776 quitgame.png 18/11/2005 09:43 3 122 quitgameover.png 18/11/2005 09:43 2 866 quitover.png 18/11/2005 09:43 3 762 resumegame.png 18/11/2005 09:43 3 196 resumegameover.png 18/11/2005 09:43 2 812 submit.png 18/11/2005 09:43 2 737 submitup.png 18/11/2005 09:43 3 175 tryagain.png 18/11/2005 09:43 3 244 tryagainover.png 18/11/2005 09:43 4 392 upgrade_over.png 18/11/2005 09:43 4 429 upgrade_up.png 18/11/2005 09:43 4 235 viewglobal.png 18/11/2005 09:43 4 219 viewglobalup.png 18/11/2005 09:43 3 710 viewhighscore.png 18/11/2005 09:43 3 250 viewhighscoreon.png 18/11/2005 09:43 4 189 viewlocal.png 18/11/2005 09:43 4 173 viewlocalup.png 64 fichier(s) 150 802 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\comics 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 31 920 webcomic.jpg 1 fichier(s) 31 920 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 33 657 career.xml 18/11/2005 09:43 11 169 customer.xml 18/11/2005 09:43 17 741 endless.xml 18/11/2005 09:43 621 global.xml 18/11/2005 09:43 3 137 powerups.xml 5 fichier(s) 66 325 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 6 690 cook.png 18/11/2005 09:43 3 091 cook.xml 18/11/2005 09:43 228 stove.png 3 fichier(s) 10 009 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 773 arrow.png 18/11/2005 09:43 2 028 click.png 18/11/2005 09:43 1 926 click2.png 18/11/2005 09:43 1 726 grab.png 18/11/2005 09:43 2 274 open.png 5 fichier(s) 9 727 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 21 613 idle.png 18/11/2005 09:43 2 752 idle.xml 18/11/2005 09:43 6 943 lower.png 18/11/2005 09:43 2 177 lower.xml 18/11/2005 09:43 16 974 upper.png 18/11/2005 09:43 6 892 upper.xml 6 fichier(s) 57 351 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 36 107 arial.mvec 18/11/2005 09:43 34 231 komikaaxis.mvec 2 fichier(s) 70 338 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 529 chair.png 18/11/2005 09:43 2 914 chair.xml 18/11/2005 09:43 1 512 dirt2top.png 18/11/2005 09:43 1 762 dirt4top.png 18/11/2005 09:43 11 831 dishcart.png 18/11/2005 09:43 1 455 dishcart.xml 18/11/2005 09:43 2 990 drinkstation_off.png 18/11/2005 09:43 3 248 drinkstation_on1.png 18/11/2005 09:43 2 965 drinkstation_on2.png 18/11/2005 09:43 14 012 ticketstation.png 18/11/2005 09:43 2 621 ticketstation.xml 11 fichier(s) 50 839 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 700 arrowdown.png 18/11/2005 09:43 699 arrowdownon.png 18/11/2005 09:43 684 arrowleft.png 18/11/2005 09:43 684 arrowlefton.png 18/11/2005 09:43 677 arrowright.png 18/11/2005 09:43 679 arrowrighton.png 18/11/2005 09:43 701 arrowup.png 18/11/2005 09:43 703 arrowupon.png 18/11/2005 09:43 357 p1icon.png 18/11/2005 09:43 3 844 textedit.png 18/11/2005 09:43 2 066 title.png 11 fichier(s) 11 794 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 301 endless_1_1.txt 18/11/2005 09:43 301 endless_1_1_a.txt 18/11/2005 09:43 301 endless_1_1_b.txt 18/11/2005 09:43 301 endless_1_1_c.txt 18/11/2005 09:43 301 endless_1_2.txt 18/11/2005 09:43 301 endless_1_2_a.txt 18/11/2005 09:43 313 endless_1_2_b.txt 18/11/2005 09:43 301 endless_1_2_c.txt 18/11/2005 09:43 301 endless_1_2_d.txt 18/11/2005 09:43 301 endless_1_3.txt 18/11/2005 09:43 301 endless_1_3_a.txt 18/11/2005 09:43 301 endless_1_3_b.txt 18/11/2005 09:43 301 endless_1_3_c.txt 18/11/2005 09:43 301 endless_1_3_d.txt 18/11/2005 09:43 313 fifth_level_diner.txt 18/11/2005 09:43 313 first_level_diner.txt 18/11/2005 09:43 313 fourth_level_diner.txt 18/11/2005 09:43 313 second_level_diner.txt 18 fichier(s) 5 478 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 996 tableshadow.png 14/05/2006 10:56 <REP> diner 1 fichier(s) 2 996 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 23 014 background.jpg 18/11/2005 09:43 443 upgrades.xml 14/05/2006 10:56 <REP> food 14/05/2006 10:56 <REP> frames 14/05/2006 10:56 <REP> tables 2 fichier(s) 23 457 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 3 323 food1.png 18/11/2005 09:43 679 food1.xml 18/11/2005 09:43 3 217 food2.png 18/11/2005 09:43 678 food2.xml 18/11/2005 09:43 3 263 food3.png 18/11/2005 09:43 678 food3.xml 6 fichier(s) 11 838 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 28 970 upgrade_0001.png 1 fichier(s) 28 970 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 142 2top.png 18/11/2005 09:43 1 757 2top.xml 18/11/2005 09:43 1 926 4top.png 18/11/2005 09:43 2 227 4top.xml 4 fichier(s) 8 052 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 1 947 choosedifficulty.lua 18/11/2005 09:43 3 861 chooseplayer.lua 18/11/2005 09:43 1 497 chooserestaurant.lua 18/11/2005 09:43 8 311 credits.lua 18/11/2005 09:43 3 992 game.lua 18/11/2005 09:43 1 300 gothighscore.lua 18/11/2005 09:43 2 500 help.lua 18/11/2005 09:43 3 381 help2.lua 18/11/2005 09:43 14 475 hiscore.lua 18/11/2005 09:43 702 hiscoreinfo.lua 18/11/2005 09:43 3 784 hiscoresubmit.lua 18/11/2005 09:43 1 582 levelintro.lua 18/11/2005 09:43 3 623 levelover.lua 18/11/2005 09:43 775 loading.lua 18/11/2005 09:43 569 mainloop.lua 18/11/2005 09:43 2 548 mainmenu.lua 18/11/2005 09:43 836 ok.lua 18/11/2005 09:43 2 057 pause.lua 18/11/2005 09:43 1 323 style.lua 18/11/2005 09:43 1 521 tutorialintro.lua 18/11/2005 09:43 2 754 upgrade.lua 18/11/2005 09:43 943 upsell.lua 18/11/2005 09:43 2 202 webcomic.lua 18/11/2005 09:43 1 516 yesno.lua 24 fichier(s) 67 999 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 7 639 gamelabsplash.jpg 18/11/2005 09:43 21 506 playfirst_logo.jpg 2 fichier(s) 29 145 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 3 181 angersmoke.png 18/11/2005 09:43 1 179 angersmoke.xml 18/11/2005 09:43 2 098 chairflags.png 18/11/2005 09:43 1 884 chairflags.xml 18/11/2005 09:43 1 641 check.png 18/11/2005 09:43 335 checkmark.png 18/11/2005 09:43 9 739 clock.png 18/11/2005 09:43 3 021 closed.png 18/11/2005 09:43 5 511 closingtime.png 18/11/2005 09:43 2 511 coinflip.png 18/11/2005 09:43 1 146 coinflip.xml 18/11/2005 09:43 1 182 dollar.png 18/11/2005 09:43 6 341 expert.png 18/11/2005 09:43 3 910 expertscore.png 18/11/2005 09:43 5 463 foodpoof.png 18/11/2005 09:43 640 foodpoof.xml 18/11/2005 09:43 2 676 fork_timer.png 18/11/2005 09:43 2 680 goalcompleted.png 18/11/2005 09:43 2 013 heartgrow.png 18/11/2005 09:43 1 117 heartgrow.xml 18/11/2005 09:43 18 939 jar.png 18/11/2005 09:43 941 jar.xml 18/11/2005 09:43 10 376 level.png 18/11/2005 09:43 4 276 level_career.png 18/11/2005 09:43 8 910 score.png 18/11/2005 09:43 697 sound.png 18/11/2005 09:43 862 staroff.png 18/11/2005 09:43 1 830 staron.png 18/11/2005 09:43 2 187 tablenumber.png 18/11/2005 09:43 2 303 tablenumberup.png 18/11/2005 09:43 419 traynumber.png 18/11/2005 09:43 1 014 tutorialarrow.png 18/11/2005 09:43 1 880 tutorialbox.png 18/11/2005 09:43 6 924 tutorial_character.png 18/11/2005 09:43 11 027 upgradeanim.png 18/11/2005 09:43 1 457 upgradeanim.xml 14/05/2006 10:56 <REP> doodles 14/05/2006 10:56 <REP> upgrades 36 fichier(s) 132 310 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 155 coffee.png 18/11/2005 09:43 3 960 tables.png 18/11/2005 09:43 2 928 wallpaper.png 3 fichier(s) 12 043 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 2 301 drinks.png 18/11/2005 09:43 4 505 maitred.png 18/11/2005 09:43 3 783 oven.png 18/11/2005 09:43 4 177 select.png 18/11/2005 09:43 2 482 shoes.png 18/11/2005 09:43 4 267 stereo.png 18/11/2005 09:43 3 924 table.png 7 fichier(s) 25 439 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 14/05/2006 10:56 <REP> music 14/05/2006 10:56 <REP> sfx 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\music 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 55 809 mainmenumusic.ogg 1 fichier(s) 55 809 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 5 299 sfx_bring_check_1_snd.ogg 18/11/2005 09:43 3 602 sfx_deliver_food_1_snd.ogg 18/11/2005 09:43 5 560 sfx_deliver_order_1_snd.ogg 18/11/2005 09:43 9 248 sfx_diner.ogg 18/11/2005 09:43 3 906 sfx_dish_dropoff_1_snd.ogg 18/11/2005 09:43 3 932 sfx_food_ready_1_snd.ogg 18/11/2005 09:43 3 650 sfx_gain_heart_1.ogg 18/11/2005 09:43 14 169 sfx_get_drinks_1_snd.ogg 18/11/2005 09:43 6 727 sfx_party_arrive_1_snd.ogg 18/11/2005 09:43 4 861 sfx_pencil_write_2.ogg 18/11/2005 09:43 4 413 sfx_pickup_food_1_snd.ogg 18/11/2005 09:43 2 868 sfx_rollover_1.ogg 18/11/2005 09:43 4 862 sfx_seat_people_snd.ogg 13 fichier(s) 73 097 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 14/05/2006 10:56 <REP> old_male 14/05/2006 10:56 <REP> young_female 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 13 644 anim.xml 14/05/2006 10:56 <REP> blue 14/05/2006 10:56 <REP> green 14/05/2006 10:56 <REP> purple 14/05/2006 10:56 <REP> red 14/05/2006 10:56 <REP> yellow 1 fichier(s) 13 644 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 880 anim.png 18/11/2005 09:43 1 479 anim.xml 18/11/2005 09:43 678 sit_legs.png 3 fichier(s) 17 037 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 567 anim.png 18/11/2005 09:43 1 481 anim.xml 18/11/2005 09:43 626 sit_legs.png 3 fichier(s) 16 674 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 859 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 640 sit_legs.png 3 fichier(s) 16 982 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 840 anim.png 18/11/2005 09:43 1 477 anim.xml 18/11/2005 09:43 649 sit_legs.png 3 fichier(s) 16 966 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 14 982 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 786 sit_legs.png 3 fichier(s) 17 251 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 13 571 anim.xml 14/05/2006 10:56 <REP> blue 14/05/2006 10:56 <REP> green 14/05/2006 10:56 <REP> purple 14/05/2006 10:56 <REP> red 14/05/2006 10:56 <REP> yellow 1 fichier(s) 13 571 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 922 anim.png 18/11/2005 09:43 1 485 anim.xml 18/11/2005 09:43 476 sit_legs.png 3 fichier(s) 13 883 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 759 anim.png 18/11/2005 09:43 1 487 anim.xml 18/11/2005 09:43 448 sit_legs.png 3 fichier(s) 13 694 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 875 anim.png 18/11/2005 09:43 1 489 anim.xml 18/11/2005 09:43 475 sit_legs.png 3 fichier(s) 13 839 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 11 584 anim.png 18/11/2005 09:43 1 483 anim.xml 18/11/2005 09:43 466 sit_legs.png 3 fichier(s) 13 533 octets Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow 14/05/2006 10:56 <REP> . 14/05/2006 10:56 <REP> .. 18/11/2005 09:43 12 011 anim.png 18/11/2005 09:43 1 489 anim.xml 18/11/2005 09:43 483 sit_legs.png 3 fichier(s) 13 983 octets Total des fichiers listés : 337 fichier(s) 25 113 575 octets 122 Rép(s) 163 608 887 296 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Liste des programmes installes 105462 Unistall 61478 Unistall 802.11 USB Wireless LAN Adapter Adobe Acrobat Reader 3.01 Adobe Flash Player 9 ActiveX Adobe Reader 6.0.1 Adobe Shockwave Player Adobe Type Manager 4.0 Agere Systems PCI Soft Modem ArcSoft Multimedia Email ATI Display Driver avast! Antivirus AVG Anti-Spyware 7.5 Barre d'outils MSN Camera Support Core Library Canon Camera Support Core Library CCleaner (remove only) Codeur Windows Media Série 9 Codeur Windows Media Série 9 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB891781 Creative WebCam Center Creative WebCam Vista Plus Driver (1.02.02.0414) ENPC PersoTEST EPSON Logiciel imprimante EPSON PhotoQuicker3.5 EPSON TWAIN 5 EPSON Web-To-Page ESC66 Guide de référence ESC66 Guide des logiciels GalleryPlayer Images GamesBar 1.0.0.9 Google Toolbar for Firefox High Definition Audio Driver Package - KB835221 High Definition Audio Driver Package - KB888111 HijackThis 1.99.1 Installer Yahoo! Messenger J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_05 Jeux Classiques Kaspersky Online Scanner Lecteur Windows Media 11 Les Sims 2 LFP Manager 06 Macromedia Flash Player Messenger Plus! Live Micro Application - Scrapbook Edition Spéciale Microsoft Office XP Professional avec FrontPage Microsoft Publisher 2002 Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Microsoft XML Parser MSN NTI Backup NOW! 3 NTI Backup NOW! 3 NTI CD & DVD-Maker NTI CD & DVD-Maker Gold PowerDVD Print@Fujicolor QuickTime QuickTime Realtek High Definition Audio Driver Sandlot Games Client Services ScanToWeb SimCity 3000 Tap'Touche 4 tomb Ulead Photo Express 4.0 My Custom Edition Usb disk Driver Wanadoo Messager WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Yahoo! Toolbar Yahoo! Toolbar avec bloqueur de fenêtres pop-up ZoneAlarm Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files 22/03/2005 14:15 <REP> . 22/03/2005 14:15 <REP> .. 22/03/2005 14:21 <REP> Adobe 08/12/2005 10:14 <REP> Adobe Type Manager 08/12/2005 10:17 <REP> Alwil Software 24/02/2006 18:10 <REP> ArcSoft 10/03/2006 14:14 <REP> AVSMedia 25/12/2006 21:23 <REP> Canon 22/01/2007 17:51 <REP> CCleaner 22/03/2005 14:19 <REP> ComPlus Applications 24/02/2006 18:07 <REP> Creative 22/03/2005 14:31 <REP> CyberLink 23/11/2005 17:55 <REP> EA GAMES 23/11/2005 16:37 <REP> EA SPORTS 07/02/2006 17:18 <REP> ENPC_PersoTEST1 06/12/2005 14:53 <REP> EPSON 22/03/2005 14:15 <REP> Fichiers communs 24/11/2005 13:33 <REP> Fujifilm 04/05/2006 21:58 <REP> Google 18/01/2007 18:14 <REP> Grisoft 17/01/2007 22:47 <REP> HijackThis 22/03/2005 14:26 <REP> Intel 22/03/2005 14:19 <REP> Internet Explorer 06/03/2006 11:45 <REP> Inventel 28/08/2006 16:30 <REP> iWin 22/03/2005 14:27 <REP> Java 18/03/2006 13:45 <REP> Jeux classiques 27/12/2006 10:22 <REP> Lavasoft 12/07/2006 19:23 <REP> Maxis 22/03/2005 14:18 <REP> Messenger 24/12/2006 10:47 <REP> Messenger Plus! Live 09/01/2006 16:20 <REP> Micro Application 22/03/2005 14:22 <REP> microsoft frontpage 08/12/2005 10:04 <REP> Microsoft Office 08/12/2005 10:05 <REP> Microsoft Visual Studio 22/03/2005 14:19 <REP> Movie Maker 22/03/2005 14:18 <REP> MSN 25/02/2006 22:01 <REP> MSN Apps 07/06/2006 11:50 <REP> MSN Games 22/03/2005 14:18 <REP> MSN Gaming Zone 25/10/2006 22:57 <REP> MSN Messenger 22/03/2005 14:19 <REP> NetMeeting 22/03/2005 14:33 <REP> NewTech Infosystems 22/03/2005 14:19 <REP> Online Services 22/07/2006 15:17 <REP> orange 22/03/2005 14:19 <REP> Outlook Express 08/12/2005 10:13 <REP> PhotoDeluxe EE 1.0 10/03/2006 11:54 <REP> QuickTime 27/06/2006 19:32 <REP> Real 22/03/2005 14:26 <REP> Realtek 27/06/2006 19:32 774 144 RngInterstitial.dll 28/07/2006 15:07 <REP> Securitoo 22/03/2005 14:20 <REP> Services en ligne 17/01/2007 19:05 <REP> Spyware Doctor 22/03/2005 14:28 <REP> Symantec 31/08/2006 21:14 <REP> Tap'Touche 4 24/02/2006 18:09 <REP> Ulead Systems 05/11/2006 21:39 <REP> Virtools Web Player 3.5 06/07/2006 18:58 <REP> Wanadoo 06/07/2006 18:58 <REP> Wanadoo Messager 03/01/2007 12:01 <REP> Windows Media Components 22/03/2005 14:19 <REP> Windows Media Player 22/03/2005 14:18 <REP> Windows NT 17/01/2007 18:31 <REP> Winsos 22/03/2005 14:22 <REP> xerox 29/03/2006 23:26 <REP> Yahoo! 21/01/2007 21:30 <REP> Zone Labs 06/12/2006 20:58 <REP> Zylom Games 1 fichier(s) 774 144 octets 67 Rép(s) 163 609 903 104 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files\fichiers communs 22/03/2005 14:15 <REP> . 22/03/2005 14:15 <REP> .. 22/03/2005 14:15 <REP> Microsoft Shared 22/03/2005 14:15 <REP> SpeechEngines 22/03/2005 14:15 <REP> ODBC 22/03/2005 14:19 <REP> System 22/03/2005 14:19 <REP> MSSoap 22/03/2005 14:19 <REP> Services 22/03/2005 14:25 <REP> InstallShield 22/03/2005 14:27 <REP> Java 22/03/2005 14:29 <REP> Symantec Shared 04/12/2005 11:12 <REP> Adobe 08/12/2005 10:05 <REP> Designer 09/01/2006 16:20 <REP> Micro Application Shared 31/07/2006 14:00 278 528 FDEUnInstaller.exe 10/03/2006 14:14 <REP> AVSMedia 18/03/2006 13:45 <REP> Wise Installation Wizard 30/03/2006 21:22 <REP> Sandlot Shared 27/06/2006 19:32 <REP> Real 03/01/2007 11:40 <REP> MAGIX Shared 1 fichier(s) 278 528 octets 19 Rép(s) 163 609 903 104 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 22/03/2005 14:25 <REP> . 22/03/2005 14:25 <REP> .. 07/03/2001 07:00 127 033 MSOWS40c.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 13/02/2001 08:23 58 784 MSOSV.DLL 08/12/2005 10:05 <REP> 1036 08/12/2005 10:05 <REP> 1033 15/02/2001 05:45 1 318 912 MSONSEXT.DLL 22/01/2001 03:25 86 016 PKMWS.DLL 22/01/2001 03:25 24 576 PKMTRACE.DLL 06/08/2000 09:04 401 462 MSVCP60.DLL 22/01/2001 03:25 69 632 PKMAXCTL.DLL 22/01/2001 03:25 872 448 PKMCDO.DLL 22/01/2001 03:25 159 744 PKMCORE.DLL 07/02/2001 09:59 106 496 PKMFORMS.DLL 12/02/2001 04:03 684 032 PKMRES.DLL 22/01/2001 03:25 28 672 PKMSSTLB.DLL 22/01/2001 03:25 40 960 PKMTEMPL.DLL 22/01/2001 03:25 237 568 PROMDEMO.DLL 22/01/2001 03:25 184 320 SECMGR.DLL 22/01/2001 03:25 323 584 VAIDDMGR.DLL 22/01/2001 03:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 163 609 903 104 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est 320D-180E Répertoire de C:\ 18/01/2007 23:19 126 976 zip.exe 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 3 fichier(s) 298 496 octets 0 Rép(s) 163 609 903 104 octets libres c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\Setup.exe c:\Documents and Settings\marion\Mes documents\msgpluslive-411.exe c:\Documents and Settings\marion\Mes documents\marion.dunoyer\ccsetup136.exe c:\Documents and Settings\marion\Mes documents\marion.dunoyer\Fixwareout.exe c:\Documents and Settings\marion\Mes documents\marion.dunoyer\rustbfix.exe c:\Documents and Settings\marion\Mes documents\marion.dunoyer\zlsSetup_65_737_000_fr.exe c:\Documents and Settings\marion\Mes documents\marion.dunoyer\gmer\gmer.exe c:\Documents and Settings\marion\Mes documents\Mes fichiers reçus\rustbfix.exe c:\Documents and Settings\marion\Mes documents\Mes fichiers reçus\zlsSetup_65_737_000_fr.exe c:\Documents and Settings\marion\Mes documents\marion\install_messenger.exe c:\Documents and Settings\marion\Mes documents\marion\wmencoder.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\marion\Mes documents\marion\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\dumphive.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\Process.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\Reboot.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\restart.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\swreg.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\swsc.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\swxcacls.exe c:\Documents and Settings\marion\Bureau\SmitfraudFix\unzip.exe c:\Documents and Settings\marion\Application Data\MSNInstaller\msnauins.exe c:\Documents and Settings\marion\Application Data\Adobe\Acrobat\6.0\Updater\AdbeRdr70_enu_full.exe c:\Documents and Settings\marion\Application Data\WholeSecurity\CAT\WSUIEE.exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\OPW9P26M\zaasSetup_65_737_000_fr[1].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\zgame4[1].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\zgame4[2].exe c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\ztool4[1].exe c:\Documents and Settings\guillaume\Mes documents\louvetain\rustbfix.exe c:\Documents and Settings\guillaume\Mes documents\louvetain\SDFix.exe c:\Documents and Settings\guillaume\Mes documents\louvetain\zaasSetup_65_737_000_fr.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\ATR1.EXE c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\DH2005.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\DH2005Patch1_2.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\TrophyViewer.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\unins000.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\uninspro.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\WebLauncher.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\instmsia.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\instmsiw.exe c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\setup.exe c:\Documents and Settings\guillaume\Bureau\clean\pskill.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\dumphive.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\Process.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\Reboot.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\restart.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swreg.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swsc.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swxcacls.exe c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\unzip.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\MyZylomExtension\MyZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomExtension\ZylomExtension.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\delicious.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\fmod.dll c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\_Setup.dll c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\_Setupx.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\marion\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVIP}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{0000278T-TT9K-T8DU-1KFV-23O5NTEJMVU6}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VVA}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VU0}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-83VE-238SHC0H2VVH}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG3-USK1-22JKKIT3EVV2}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-IB2C-219EDFQMGVVA}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{002AVPFP-JHLQ-ABE3-SM6K-20DE4GEHCVVJ}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVKO}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG5-V0BI-21QH2RV14VVR}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG6-LH31-23G9CBQV6VUC}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG2-LS5J-229F8D9V0VVC}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG2-FTST-22EV6QAI2VV1}\xmlparse.dll c:\Documents and Settings\marion\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll Logfile of HijackThis v1.99.1 Scan saved at 18:09:15, on 22/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe a bientot -
besoin d'un rapport HijackThis
haguima a répondu à un(e) sujet de haguima dans Analyses et éradication malwares
voici les nouveaux résultats: Fixwareout Last edited 1/14/2006 Post this report in the forums please ... Prerun check »»»»» HKLM run and Winlogon System values C:\WINDOWS\system32\csteq.exe will be moved to C:\WINDOWS\temp\csteq.ren at reboot. »»»»» System restarted ... Reg Entries that were deleted HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}8110543968E0-3018-C734-7676-6688E3E6{ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}7021E628FA59-BA3A-7AA4-0E9F-58D4BC1D{ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}059F2880863C-571B-5B14-6BDE-A019CD23{ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\ukimd HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urlsmdm HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\1mdm HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\yqdm HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion "dpid" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion "pid" ... Random Runs removed from HKLM ... PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE. »»»»» Searching by size/names... »»»»» Search five digit cs, dm kd and jb files. This WILL/CAN also list Legit Files, Submit them at Virustotal Other suspects. »»»»» Misc files. »»»»» Checking for older varients covered by the Rem3 tool. »»»»» Postrun check »»»»» HKLM run »»»»» Winlogon System value "system"="" »»»»» Service Pack 2 1 21 2007 22:48:05.359 Pilote charg‚ \WINDOWS\system32\ntoskrnl.exe Pilote charg‚ \WINDOWS\system32\hal.dll Pilote charg‚ \WINDOWS\system32\KDCOM.DLL Pilote charg‚ \WINDOWS\system32\BOOTVID.dll Pilote charg‚ ACPI.sys Pilote charg‚ \WINDOWS\system32\DRIVERS\WMILIB.SYS Pilote charg‚ pci.sys Pilote charg‚ isapnp.sys Pilote charg‚ pciide.sys Pilote charg‚ \WINDOWS\system32\DRIVERS\PCIIDEX.SYS Pilote charg‚ intelide.sys Pilote charg‚ MountMgr.sys Pilote charg‚ ftdisk.sys Pilote charg‚ PartMgr.sys Pilote charg‚ VolSnap.sys Pilote charg‚ atapi.sys Pilote charg‚ disk.sys Pilote charg‚ \WINDOWS\system32\DRIVERS\CLASSPNP.SYS Pilote charg‚ fltMgr.sys Pilote charg‚ sr.sys Pilote charg‚ Fastfat.sys Pilote charg‚ KSecDD.sys Pilote charg‚ NDIS.sys Pilote charg‚ srescan.sys Pilote charg‚ ohci1394.sys Pilote charg‚ \WINDOWS\system32\DRIVERS\1394BUS.SYS Pilote charg‚ Mup.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\nic1394.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\intelppm.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\ati2mtag.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\HDAudBus.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\usbuhci.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\usbehci.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\AGRSM.sys Pilote charg‚ \SystemRoot\System32\Drivers\Modem.SYS Pilote charg‚ \SystemRoot\system32\DRIVERS\Rtlnic51.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\fdc.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\serial.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\serenum.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\parport.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\i8042prt.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\mouclass.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\kbdclass.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\imapi.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\cdrom.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\redbook.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\NTIDrvr.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\audstub.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\rasl2tp.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\ndistapi.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\ndiswan.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\raspppoe.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\raspptp.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\msgpc.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\psched.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\ptilink.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\raspti.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\termdd.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\swenum.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\update.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\mssmbios.sys Pilote charg‚ \SystemRoot\System32\Drivers\NDProxy.SYS Le pilote n'a pas ‚t‚ charg‚ \SystemRoot\System32\Drivers\NDProxy.SYS Pilote charg‚ \SystemRoot\system32\drivers\RtkHDAud.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\usbhub.sys Pilote charg‚ \SystemRoot\system32\drivers\MODEMCSA.sys Le pilote n'a pas ‚t‚ charg‚ \SystemRoot\System32\Drivers\lbrtfdc.SYS Le pilote n'a pas ‚t‚ charg‚ \SystemRoot\System32\Drivers\Sfloppy.SYS Le pilote n'a pas ‚t‚ charg‚ \SystemRoot\System32\Drivers\i2omgmt.SYS Le pilote n'a pas ‚t‚ charg‚ \SystemRoot\System32\Drivers\Changer.SYS Le pilote n'a pas ‚t‚ charg‚ \SystemRoot\System32\Drivers\Cdaudio.SYS Pilote charg‚ \SystemRoot\System32\Drivers\Fs_Rec.SYS Pilote charg‚ \SystemRoot\System32\Drivers\Null.SYS Pilote charg‚ \SystemRoot\System32\Drivers\Beep.SYS Pilote charg‚ \SystemRoot\System32\DRIVERS\AvgAsCln.sys Pilote charg‚ \SystemRoot\System32\Drivers\ATMhelpr.SYS Pilote charg‚ \SystemRoot\System32\drivers\vga.sys Pilote charg‚ \SystemRoot\System32\Drivers\mnmdd.SYS Pilote charg‚ \SystemRoot\System32\DRIVERS\RDPCDD.sys Pilote charg‚ \SystemRoot\System32\Drivers\Msfs.SYS Pilote charg‚ \SystemRoot\System32\Drivers\Npfs.SYS Pilote charg‚ \SystemRoot\system32\DRIVERS\rasacd.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\ipsec.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\tcpip.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\ipnat.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\wanarp.sys Pilote charg‚ \SystemRoot\System32\Drivers\aswTdi.SYS Pilote charg‚ \SystemRoot\system32\DRIVERS\netbt.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\arp1394.sys Pilote charg‚ \SystemRoot\System32\vsdatant.sys Pilote charg‚ \SystemRoot\System32\drivers\afd.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\netbios.sys Le pilote n'a pas ‚t‚ charg‚ \SystemRoot\System32\Drivers\PCIDump.SYS Pilote charg‚ \SystemRoot\system32\DRIVERS\rdbss.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\mrxsmb.sys Pilote charg‚ \SystemRoot\System32\Drivers\Fips.SYS Pilote charg‚ \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys Pilote charg‚ \SystemRoot\System32\Drivers\Aavmker4.SYS Pilote charg‚ \SystemRoot\System32\Drivers\Cdfs.SYS Pilote charg‚ \SystemRoot\system32\DRIVERS\USBSTOR.SYS Pilote charg‚ \SystemRoot\system32\DRIVERS\usb8023.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\usbprint.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\ndisuio.sys Le pilote n'a pas ‚t‚ charg‚ \SystemRoot\system32\DRIVERS\rdbss.sys Le pilote n'a pas ‚t‚ charg‚ \SystemRoot\system32\DRIVERS\mrxsmb.sys Pilote charg‚ \SystemRoot\system32\drivers\wdmaud.sys Pilote charg‚ \SystemRoot\system32\drivers\sysaudio.sys Pilote charg‚ \SystemRoot\system32\drivers\splitter.sys Pilote charg‚ \SystemRoot\system32\drivers\aec.sys Pilote charg‚ \SystemRoot\system32\drivers\swmidi.sys Pilote charg‚ \SystemRoot\system32\drivers\DMusic.sys Pilote charg‚ \SystemRoot\system32\drivers\kmixer.sys Pilote charg‚ \SystemRoot\system32\drivers\drmkaud.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\mrxdav.sys Pilote charg‚ \SystemRoot\System32\Drivers\aswMon2.SYS Pilote charg‚ \SystemRoot\system32\DRIVERS\srv.sys Pilote charg‚ \SystemRoot\system32\DRIVERS\secdrv.sys Le pilote n'a pas ‚t‚ charg‚ \??\C:\WINDOWS\system32\wincom32.sys Le pilote n'a pas ‚t‚ charg‚ \SystemRoot\system32\DRIVERS\ipnat.sys Pilote charg‚ \SystemRoot\System32\Drivers\aswRdr.SYS Pilote charg‚ \SystemRoot\System32\Drivers\HTTP.sys Pilote charg‚ \SystemRoot\system32\drivers\kmixer.sys Logfile of HijackThis v1.99.1 Scan saved at 22:52:05, on 21/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE nouveau rapport HijackThis: R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [WinMedia] C:\DOCUME~1\marion\LOCALS~1\Temp\260796.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe -
besoin d'un rapport HijackThis
haguima a répondu à un(e) sujet de haguima dans Analyses et éradication malwares
voici mes nouveaux rapports: Scan taken on 21 Jan 2007 20:24:51 (GMT) AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing VirusBuster Found nothing VBA32 Found nothing GMER 1.0.12.12011 - http://www.gmer.net Rootkit scan 2007-01-21 21:40:45 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.12 ---- SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwCreateFile SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwCreateKey SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwCreatePort SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwCreateProcess SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwCreateProcessEx SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwCreateSection SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwCreateWaitablePort SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwDeleteFile SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwDeleteKey SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwDeleteValueKey SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwDuplicateObject SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwLoadKey SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwOpenFile SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwOpenProcess SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwOpenThread SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwReplaceKey SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwRestoreKey SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwSecureConnectPort SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwSetInformationFile SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwSetValueKey SSDT \??\C:\WINDOWS\system32\vsdatant.sys ZwTerminateProcess ---- Kernel code sections - GMER 1.0.12 ---- .text ntoskrnl.exe!ZwYieldExecution + 137 804E4FF8 12 Bytes [ 60, DC, 51, EC, E0, 3E, 52, ... ] .text ntoskrnl.exe!ZwYieldExecution + 177 804E5038 8 Bytes [ 50, A9, 51, EC, B0, 60, 52, ... ] ---- User code sections - GMER 1.0.12 ---- .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] kernel32.dll!LoadResource 7C80A065 7 Bytes JMP 27001B70 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] kernel32.dll!FindResourceExW 7C80AB10 7 Bytes JMP 27001AE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] kernel32.dll!FindResourceW 7C80BA56 7 Bytes JMP 27001A60 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] kernel32.dll!SizeofResource 7C80BAF1 7 Bytes JMP 27001C20 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] kernel32.dll!LockResource 7C80C6CF 2 Bytes JMP 27001CD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] kernel32.dll!LockResource + 3 7C80C6D2 2 Bytes [ 7F, AA ] .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] kernel32.dll!SetUnhandledExceptionFilter 7C810386 5 Bytes JMP 004E12D0 C:\Program Files\MSN Messenger\msnmsgr.exe .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] kernel32.dll!CreateEventA 7C81E4BD 5 Bytes JMP 27001840 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] ADVAPI32.dll!CryptDeriveKey 77DBA685 7 Bytes JMP 27001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] ADVAPI32.dll!CryptDecrypt 77DBA7B1 2 Bytes JMP 27001050 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] ADVAPI32.dll!CryptDecrypt + 3 77DBA7B4 4 Bytes [ 24, AF, CC, CC ] .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] USER32.dll!PeekMessageW 77D19278 5 Bytes JMP 27003760 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] USER32.dll!CreateWindowExW 77D21AD5 5 Bytes JMP 27003270 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] USER32.dll!SetWindowRgn 77D21DE0 7 Bytes JMP 27004AB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] USER32.dll!CreateDialogParamW 77D3629F 5 Bytes JMP 27004E30 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] USER32.dll!SetWindowPlacement 77D3FBEA 5 Bytes JMP 270049D0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] USER32.dll!FlashWindow 77D55C9D 5 Bytes JMP 27004B50 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] USER32.dll!MessageBoxIndirectW 77D660B7 5 Bytes JMP 27004F90 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] USER32.dll!TrackPopupMenuEx 77D6CAFE 5 Bytes JMP 27003F30 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] WS2_32.dll!send 719F428A 5 Bytes JMP 270095A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] WS2_32.dll!WSARecv 719F4318 5 Bytes JMP 27009390 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] WS2_32.dll!recv 719F615A 5 Bytes JMP 27009200 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] WS2_32.dll!WSASend 719F6233 5 Bytes JMP 27009720 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] WS2_32.dll!closesocket 719F9639 5 Bytes JMP 27009930 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] SHELL32.dll!Shell_NotifyIconW 7CA47CE1 5 Bytes JMP 27002BA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] ole32.dll!CoInitializeEx 774BED23 5 Bytes JMP 27001D30 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] ole32.dll!CoRegisterClassObject 774CA084 5 Bytes JMP 27001E30 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] WININET.dll!HttpOpenRequestA 77AB4AC5 5 Bytes JMP 27008180 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] WININET.dll!InternetCloseHandle 77AB61DC 5 Bytes JMP 27008460 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] WININET.dll!HttpSendRequestA 77AB76B8 5 Bytes JMP 270083B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll .text C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE[2660] WININET.dll!InternetReadFile 77AB9555 5 Bytes JMP 270082E0 C:\Program Files\Messenger Plus! Live\MsgPlusLive1.dll ---- Devices - GMER 1.0.12 ---- Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [EC52F2A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [EC52F2A0] vsdatant.sys ---- EOF - GMER 1.0.12 ---- Logfile of HijackThis v1.99.1 Scan saved at 21:44:04, on 21/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\ACER\PSM.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Anuman Interactive\Le journal de votre naissance\anniv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [WinMedia] C:\DOCUME~1\marion\LOCALS~1\Temp\260796.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe merci