
Posted

Hello

My computer is infected by a Trojan horse

I am sending you my HijackThis report

Logfile of HijackThis v1.99.1

Scan saved at 12:52:00, on 17/04/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\ACER\PSM.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Creative\Shared Files\CAMTRAY.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Anuman Interactive\Le journal de votre naissance\anniv.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe

C:\WINDOWS\system32\kernels32.exe

C:\PROGRA~1\WANADOO\TaskBarIcon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Windows\xpupdate.exe

C:\Program Files\BraveSentry\BraveSentry.exe

C:\PROGRA~1\WANADOO\GestionnaireInternet.exe

C:\PROGRA~1\WANADOO\ComComp.exe

C:\Program Files\TomTom HOME\TomTomHOME.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\PROGRA~1\WANADOO\Toaster.exe

C:\PROGRA~1\WANADOO\Inactivity.exe

C:\PROGRA~1\WANADOO\PollingModule.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\WANADOO\Watch.exe

C:\WINDOWS\system32\dlh9jkd1q6.exe

C:\WINDOWS\system32\dlh9jkd1q7.exe

C:\WINDOWS\system32\dlh9jkd1q6.exe

C:\WINDOWS\system32\dlh9jkd1q7.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\msiexec.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10MT2.EXE

C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winpornvids.com/ to verify your age, REQUIRED! WARNING! Adult pictures are featured in this site. Only adults permitted beyond this point! Are you at least 18 years old

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL

O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll

O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [sDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"

O4 - HKLM\..\Run: [system] C:\WINDOWS\system32\kernels32.exe

O4 - HKLM\..\Run: [runner1] C:\WINDOWS\updater.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx

O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe

O4 - HKCU\..\Run: [brave-Sentry] C:\Program Files\BraveSentry\BraveSentry.exe

O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll

O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll

O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/

O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_fr.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Windows Management Service - Unknown owner - C:\WINDOWS\system32\dmauj.exe

 

Thanks in advance

Posted

Hello,

-- Download SmitfraudFix by S!Ri, balltrap34 and moe31 - mirror http://72.232.135.12/siri/SmitfraudFix.php

(If you have Norton Antivirus or NOD32, disable it)

-- Right-click the SmitfraudFix.zip file and choose Extract All; this will unpack everything into a new SmitFraudfix folder

-- Open the SmitfraudFix folder and double-click SmitfraudFix.cmd (the .cmd may not be present)

-- Choose option 1 and press Enter

-- Answer o (Yes) to the next two questions if they are asked

-- A report will be generated; save it in a folder

-- Copy/paste the contents of the report here

 

 

 

In HijackThis, check these lines:

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer = 85.255.116.56,85.255.112.146

 

--> click on Fix checked

 

 

Download FixWareout by LonnyRJones from one of these two sites to your desktop:

http://downloads.subratam.org/Fixwareout.exe

http://swandog46.geekstogo.com/Fixwareout.exe

 

Run the fix: click Next, then Install, then make sure "Run fixit" is checked, then click Finish.

The fix will start; follow the on-screen messages. You will be asked to restart your computer; do so. Your system will take a little longer to start up, which is normal.

Finally, post the contents of C:\fixwareout\report.txt along with a new HijackThis report.
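
Added example, not part of the thread and not code from HijackThis or SmitfraudFix: a small Python parser for the O17 lines the helper asks to tick and for the DNS lines of a SmitfraudFix report, flagging resolver values in the 85.255.x.x range that the report names. The sample lines are copied from the reports on this page; the function names and the "overrides DHCP" check are assumptions of this example.

```python
import ipaddress
import re
from collections import namedtuple

# Range named in the SmitfraudFix report on this page ("85.255.x.x").
REPORTED_RANGE = ipaddress.ip_network("85.255.0.0/16")

# Accepts HijackThis "O17 - HKLM\System\CCS\..." lines and the bare
# "HKLM\SYSTEM\CS1\...: DhcpNameServer=..." lines of the SmitfraudFix DNS section.
LINE_RE = re.compile(
    r"^(?:O17\s*-\s*)?HKLM\\System\\(?P<cs>CCS|CS\d+)\\Services\\Tcpip\\"
    r"(?:\.\.\\(?P<guid>\{[0-9A-F-]{36}\})|Parameters)"
    r":\s*(?P<name>DhcpNameServer|NameServer)\s*=\s*(?P<servers>.*)$",
    re.IGNORECASE,
)

DnsEntry = namedtuple("DnsEntry", "control_set scope name servers")

# Constructed sample: lines copied from the two reports in this thread,
# plus one process line that the parser must ignore.
SAMPLE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer = 85.255.116.56,85.255.112.146
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146
HKLM\SYSTEM\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146
HKLM\SYSTEM\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
C:\WINDOWS\system32\kernels32.exe
"""


def parse_dns_entries(text):
    """Return one DnsEntry per distinct (control set, key, value name) in text."""
    seen = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            continue  # not a Tcpip name-server line
        servers = []
        # HijackThis separates addresses with commas or spaces depending on the key.
        for token in re.split(r"[,\s]+", m.group("servers").strip()):
            try:
                servers.append(ipaddress.ip_address(token))
            except ValueError:
                pass  # empty value or trailing non-address text
        is_dhcp = m.group("name").lower().startswith("dhcp")
        name = "DhcpNameServer" if is_dhcp else "NameServer"
        scope = m.group("guid").upper() if m.group("guid") else "Parameters"
        key = (m.group("cs").upper(), scope, name)
        # Both tools report the same registry value; keep a single entry per key.
        seen[key] = DnsEntry(*key, tuple(servers))
    return list(seen.values())


def review(entries, network=REPORTED_RANGE):
    """Map each affected (control_set, scope) to the reasons it needs attention."""
    dhcp = {(e.control_set, e.scope): e.servers
            for e in entries if e.name == "DhcpNameServer"}
    findings = {}
    for e in entries:
        if not any(ip in network for ip in e.servers):
            continue
        reasons = findings.setdefault((e.control_set, e.scope), [])
        if e.name == "NameServer":
            reasons.append("static NameServer in reported range")
            lease = dhcp.get((e.control_set, e.scope))
            # A static value is used in preference to the DHCP-supplied one,
            # so a clean lease value here means the static entry is the override.
            if lease and not any(ip in network for ip in lease):
                reasons.append("overrides DHCP-supplied " + ",".join(map(str, lease)))
        else:
            # The lease-side value is affected too: re-check it after the fix.
            reasons.append("DhcpNameServer in reported range")
    return findings


if __name__ == "__main__":
    for (cs, scope), reasons in review(parse_dns_entries(SAMPLE_LOG)).items():
        print(cs, scope, "->", "; ".join(reasons))
```

Run it again on the new HijackThis report posted after the fix: an empty result from `review` means no name-server value in that report is in the reported range any more.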

Posted

Here are my various reports:

SmitFraudFix v2.169

 

Rapport fait à 12:59:04,84, 17/04/2007

Executé à partir de C:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Le type du système de fichiers est FAT32

Fix executé en mode normal

 

»»»»»»»»»»»»»»»»»»»»»»»» Process

 

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\ACER\PSM.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Creative\Shared Files\CAMTRAY.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Anuman Interactive\Le journal de votre naissance\anniv.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe

C:\WINDOWS\system32\kernels32.exe

C:\PROGRA~1\WANADOO\TaskBarIcon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Windows\xpupdate.exe

C:\Program Files\BraveSentry\BraveSentry.exe

C:\PROGRA~1\WANADOO\GestionnaireInternet.exe

C:\PROGRA~1\WANADOO\ComComp.exe

C:\Program Files\TomTom HOME\TomTomHOME.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\PROGRA~1\WANADOO\Toaster.exe

C:\PROGRA~1\WANADOO\Inactivity.exe

C:\PROGRA~1\WANADOO\PollingModule.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\WANADOO\Watch.exe

C:\WINDOWS\system32\dlh9jkd1q6.exe

C:\WINDOWS\system32\dlh9jkd1q7.exe

C:\WINDOWS\system32\dlh9jkd1q6.exe

C:\WINDOWS\system32\dlh9jkd1q7.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\msiexec.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe

C:\PROGRA~1\WANADOO\WOOBRO~1\DownloadManager.exe

C:\WINDOWS\system32\cmd.exe

 

»»»»»»»»»»»»»»»»»»»»»»»» hosts

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

 

C:\WINDOWS\xpupdate.exe PRESENT !

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

 

C:\WINDOWS\system32\kernels32.exe PRESENT !

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\marion

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\marion\Application Data

 

C:\Documents and Settings\marion\Application Data\Install.dat PRESENT !

C:\Documents and Settings\marion\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusBlast v5.0.lnk PRESENT !

 

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\marion\Favoris

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

 

C:\Program Files\BraveSentry\ PRESENT !

 

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Ma page d'accueil"

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"system"="cshky.exe"

 

 

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» DNS

 

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

 

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets

DNS Server Search Order: 85.255.116.56

DNS Server Search Order: 85.255.112.146

 

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

 

Description: Inventel Gateway #2 - Miniport d'ordonnancement de paquets

DNS Server Search Order: 85.255.116.56

DNS Server Search Order: 85.255.112.146

 

HKLM\SYSTEM\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Fin

 


HKLM\SYSTEM\CS3\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{601EC332-33D6-4B07-BFCF-B72B5829009A}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{6190666E-B71D-45AA-A5D8-2FA45C910E87}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{66489236-C1C5-44EC-A4CD-253735CDD557}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{6816ABF1-7D86-43AA-8683-BDD43789418B}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{733AFA4A-0DB7-4CB2-AB88-056E8AE40676}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: DhcpNameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{7B847555-85B6-4C5B-9008-92843788548C}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\..\{A7BA660C-78AF-46A0-94FE-93598DE596A2}: NameServer=85.255.116.56,85.255.112.146

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146

HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.116.56 85.255.112.146

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Fin

 

Logfile of HijackThis v1.99.1

Scan saved at 13:15:38, on 17/04/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\ACER\PSM.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Creative\Shared Files\CAMTRAY.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Anuman Interactive\Le journal de votre naissance\anniv.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe

C:\PROGRA~1\WANADOO\TaskBarIcon.exe

C:\WINDOWS\system32\kernels32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\PROGRA~1\WANADOO\GestionnaireInternet.exe

C:\Program Files\BraveSentry\BraveSentry.exe

C:\PROGRA~1\WANADOO\ComComp.exe

C:\PROGRA~1\WANADOO\Toaster.exe

C:\Program Files\TomTom HOME\TomTomHOME.exe

C:\PROGRA~1\WANADOO\Inactivity.exe

C:\PROGRA~1\WANADOO\PollingModule.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\PROGRA~1\WANADOO\Watch.exe

C:\WINDOWS\system32\dlh9jkd1q2.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\dlh9jkd1q6.exe

C:\WINDOWS\system32\dlh9jkd1q7.exe

C:\WINDOWS\system32\dlh9jkd1q6.exe

C:\WINDOWS\system32\dlh9jkd1q7.exe

C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe

C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winpornvids.com/ to verify your age, REQUIRED! WARNING! Adult pictures are featured in this site. Only adults permitted beyond this point! Are you at least 18 years old

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL

O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll

O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [sDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe"

O4 - HKLM\..\Run: [system] C:\WINDOWS\system32\kernels32.exe

O4 - HKLM\..\Run: [runner1] C:\WINDOWS\updater.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx

O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [brave-Sentry] C:\Program Files\BraveSentry\BraveSentry.exe

O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe

O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll

O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll

O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/

O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_fr.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

 

 

Fixwareout Last edited 4/5/2007

Post this report in the forums please

...

»»»»»Prerun check

 

»»»»» System restarted

 

»»»»» Postrun check

HKLM\SOFTWARE\~\Winlogon\ "system"=""

....

....

»»»»» Misc files.

C:\WINDOWS\xpupdate.exe Deleted

....

»»»»» Checking for older varients.

....

 

Search five digit cs, dm, kd, jb, other, files.

The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection.

 

C:\WINDOWS\system32\cszgj.exe 52759 12/03/2007

C:\WINDOWS\system32\cspqa.exe 34827 05/08/2004

 

 

Click browse, find the file then click submit.

http://www.virustotal.com/flash/index_en.html

Or http://virusscan.jotti.org/

 

»»»»» Other

C:\WINDOWS\TEMP\dmauj.ren 57877 05/08/2004

 

 

 

»»»»» Current runs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe"

"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"

"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""

"MPS"="C:\\ACER\\PSM.EXE"

"AGRSMMSG"="AGRSMMSG.exe"

"High Definition Audio Property Page Shortcut"="HDAShCut.exe"

"SoundMan"="SOUNDMAN.EXE"

"AlcWzrd"="ALCWZRD.EXE"

"Alcmtr"="ALCMTR.EXE"

"Alaunch"="C:\\Windows\\alaunch.exe"

"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"

"Creative WebCam Tray"="C:\\Program Files\\Creative\\Shared Files\\CAMTRAY.EXE"

"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

"Anniversaires"="C:\\Anuman Interactive\\Le journal de votre naissance\\anniv.exe"

"WOOWATCH"="C:\\PROGRA~1\\WANADOO\\Watch.exe"

"WOOTASKBARICON"="C:\\PROGRA~1\\WANADOO\\GestMaj.exe TaskBarIcon.exe"

"Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"

"SDR6V_Check"="\"C:\\Program Files\\Fichiers communs\\DriveCleaner 2006 Free\\SDRmon.exe\""

"System"="C:\\WINDOWS\\system32\\kernels32.exe"

"runner1"="C:\\WINDOWS\\updater.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A"

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"

"WOOKIT"="C:\\PROGRA~1\\WANADOO\\Shell.exe appLaunchClientZone.shl|PARAM= cnx"

"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"

@=""

"Brave-Sentry"="C:\\Program Files\\BraveSentry\\BraveSentry.exe"

....

Hosts file was reset, If you use a custom hosts file please replace it

»»»»» End report »»»»»

Posted

In HijackThis, check these lines:

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{59319E79-A7AB-447E-9DE8-063F319E4A87}: NameServer = 85.255.116.56,85.255.112.146

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.56 85.255.112.146

 

--> click on fix checked

 

 

 

 

- Download clean.zip and unzip it onto your desktop (right-click / extract all); you should get a clean folder.

Download SDFix (created by AndyManchesta) and save it to your Desktop.

Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop. Restart your computer in safe mode by following this procedure:

  • Restart your computer
  • After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
  • Instead of the normal Windows loading, a menu with various options should appear.
  • Choose the first option, to run Windows in safe mode, then press "Enter".
  • Choose your account.

    -- Open the SmitfraudFix folder and double-click SmitfraudFix.cmd (do not click any other file!!!)
    -- Choose option 2 and press Enter
    -- Answer o (Oui = Yes) to the next two questions if they are asked
    -- A report will be generated; save it in a folder,

    Double-click this clean folder; inside it you will find several files.
    Double-click clean. This will open a black window.
    A menu will appear; choose option 2 by pressing the 2 key on your keyboard.
    Clean will do its work.
    A report will be generated; paste its entire contents here.

Go through the list of instructions below:

  • Open the SDFix folder that was just created in C:\ and double-click RunThis.bat to launch the script.
  • Press Y to start the cleaning process.
  • It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
  • Press a key to restart the PC.
  • Your system will take longer than usual to restart because the tool will keep running and deleting files.
  • After the Desktop has loaded, the tool will finish its work and display Finished.
  • Press a key to end the script and load your Desktop icons.
  • Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.
  • Finally, copy/paste the contents of the Report.txt file into your next reply on the forum, along with a new Hijackthis log!

Restart the computer

-- Copy/paste the reports here:

- the clean report: My Computer (Poste de travail) / double-click drive C / double-click rapport_clean.txt and copy/paste its contents here C:\rapport_clean.txt

- SDfix

- SmitFraudfix

- as well as a new HiJackThis log

Posted

Here is the clean report:

Script execute en mode sans echec

Rapport clean par Malekal_morte - http://www.malekal.com

Script execute en mode sans echec 17/04/2007 a 15:25:43,01

 

Microsoft Windows XP [version 5.1.2600]

 

*** Suppression des fichiers dans C:

 

*** Suppression des fichiers dans C:\WINDOWS\

 

*** Suppression des fichiers dans C:\WINDOWS\system32

tentative de suppression de C:\WINDOWS\system32\dlh9jkd?q?.exe

tentative de suppression de C:\WINDOWS\system32\vx.tll

tentative de suppression de "C:\WINDOWS\Downloaded Program Files\*_*_*NetInstaller.exe"

tentative de suppression de "C:\Documents and Settings\marion\Application Data\hbtools\"

 

*** Suppression des fichiers dans C:\Program Files

tentative de suppression de "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\"

tentative de suppression de "C:\Program Files\BraveSentry\"

tentative de suppression de "C:\Program Files\GamesBar\"

 

*** Suppression des clefs du registre effectuee..

*** Fin du rapport !

 

The SDfix report:

 

SDFix: Version 1.78

 

Run by marion - 17/04/2007 - 15:27:34,25

 

Microsoft Windows XP [version 5.1.2600]

 

Running From: C:\SDFix

 

Safe Mode:

Checking Services:

 

 

 

 

 

 

Restoring Windows Registry Values

Restoring Windows Default Hosts File

 

 

Rebooting...

 

Normal Mode:

Checking Files:

 

Below files will be copied to Backups folder then removed:

 

C:\Documents and Settings\marion\Local Settings\Temp\2.dllb - Deleted

C:\Documents and Settings\marion\Local Settings\Temp\6.dllb - Deleted

C:\Documents and Settings\marion\Local Settings\Temp\7.dllb - Deleted

C:\WINDOWS\system32\zup.exe.exe - Deleted

C:\WINDOWS\system32\inst.exe.exe - Deleted

C:\DOCUME~1\marion\LOCALS~1\Temp\7a2951bd-5980-e70d-29d8-8b3e51a4ca66.tmp.exe - Deleted

C:\DOCUME~1\marion\LOCALS~1\Temp\temp.exe - Deleted

C:\WINDOWS\system32\peers.ini - Deleted

C:\WINDOWS\system32\svcp.csv - Deleted

C:\WINDOWS\system32\vexga4me1.exe - Deleted

C:\WINDOWS\system32\vexga5me3.exe - Deleted

 

 

 

Removing Temp Files

 

ADS Check:

 

Checking if ADS is attached to system32 Folder

C:\WINDOWS\system32

No streams found.

 

Checking if ADS is attached to svchost.exe

C:\WINDOWS\system32\svchost.exe

No streams found.

 

 

 

Final Check:

 

Remaining Services:

------------------

 

 

 

Authorized Application Key Export:

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Jeux classiques\\Bin\\CmCenterV2.exe"="C:\\Program Files\\Jeux classiques\\Bin\\CmCenterV2.exe:*:Disabled:CmCenter Module"

"C:\\Documents and Settings\\guillaume\\Mes documents\\Deer Hunter 2005\\DH2005.exe"="C:\\Documents and Settings\\guillaume\\Mes documents\\Deer Hunter 2005\\DH2005.exe:*:Enabled:DH2005"

"C:\\My Games\\JEOPARDY!\\JEOPARDY!.exe"="C:\\My Games\\JEOPARDY!\\JEOPARDY!.exe:*:Disabled:JEOPARDY!"

"C:\\WINDOWS\\System32\\dpvsetup.exe"="C:\\WINDOWS\\System32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"="C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe:*:Disabled:Navigateur Internet"

"C:\\Program Files\\EA SPORTS\\Madden NFL 2003\\mainapp.exe"="C:\\Program Files\\EA SPORTS\\Madden NFL 2003\\mainapp.exe:*:Disabled:mainapp"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"

"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"

"C:\\WINDOWS\\system32\\dllcache\\svcshoter.exe"="C:\\WINDOWS\\system32\\dllcache\\svcshoter.exe:*:Enabled:Microsoft Star Window Service"

"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:svchost"

"C:\\Program Files\\WINSOS\\winsos.exe"="C:\\Program Files\\Winsos\\winsos.exe:*:Enabled:Winsos"

"C:\\Program Files\\WINSOS\\anti-spy.exe"="C:\\Program Files\\Winsos\\anti-spy.exe:*:Enabled:anti-spy Winsos"

"C:\\Program Files\\WINSOS\\help.exe"="C:\\Program Files\\Winsos\\help.exe:*:Enabled:Winsos Help"

"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"

"C:\\Program Files\\Windows Media Components\\Encoder\\WMEnc.exe"="C:\\Program Files\\Windows Media Components\\Encoder\\WMEnc.exe:*:Enabled:Windows Media Encoder"

"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"

 

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"

"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"

 

 

Remaining Files:

---------------

 

Backups Folder: - C:\SDFix\backups\backups.zip

 

Checking For Files with Hidden Attributes:

 

C:\WINDOWS\system32\NTICDMK32.dll

C:\WINDOWS\system32\NTIMPEG2.dll

C:\WINDOWS\system32\ntiembed.dll

C:\Program Files\Picasa2\setup.exe

C:\Documents and Settings\marion\Mes documents\chasse\SIV4.tmp

C:\Documents and Settings\marion\Mes documents\cuisine\plat\~WRL0002.tmp

C:\Documents and Settings\marion\Mes documents\cuisine\plat\~WRL0005.tmp

 

Finished

The SmitFraudfix report:

SmitFraudFix v2.169

 

Rapport fait à 15:24:34,20, 17/04/2007

Executé à partir de C:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Le type du système de fichiers est FAT32

Fix executé en mode sans echec

 

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

 

 

»»»»»»»»»»»»»»»»»»»»»»»» hosts

 

127.0.0.1 localhost

 

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

 

GenericRenosFix by S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

 

C:\WINDOWS\xpupdate.exe supprimé

C:\WINDOWS\system32\kernels32.exe supprimé

C:\Documents and Settings\marion\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusBlast v5.0.lnk supprimé

 

détecté !

utilisez un scanner de Rootkit

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

 

Nettoyage terminé.

 

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Fin

 

And the HiJackThis log:

Logfile of HijackThis v1.99.1

Scan saved at 15:40:29, on 17/04/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\ACER\PSM.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Creative\Shared Files\CAMTRAY.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Anuman Interactive\Le journal de votre naissance\anniv.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\WANADOO\TaskBarIcon.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\PROGRA~1\WANADOO\GestionnaireInternet.exe

C:\PROGRA~1\WANADOO\ComComp.exe

C:\PROGRA~1\WANADOO\Toaster.exe

C:\PROGRA~1\WANADOO\Inactivity.exe

C:\PROGRA~1\WANADOO\PollingModule.exe

C:\Program Files\TomTom HOME\TomTomHOME.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\PROGRA~1\WANADOO\Watch.exe

C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe

C:\Program Files\HijackThis\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL

O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing)

O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Anniversaires] C:\Anuman Interactive\Le journal de votre naissance\anniv.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [runner1] C:\WINDOWS\updater.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|PARAM= cnx

O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - Startup: TomTom HOME.lnk = C:\Program Files\TomTom HOME\TomTomHOME.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing)

O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing)

O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/re...es/MsnPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165964504171

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

Posted

- Download DiagHelp.zip to your desktop - Tutorial: http://www.malekal.com/DiagHelp/DiagHelp.php

- Do not double-click it!! Right-click the file and choose Extract All

- A new folder named DiagHelp will be created

- Open it and double-click go.cmd (the .cmd extension may not be shown)

- A window will open; choose option 1

- The scan will start; it can take a few minutes, let it run and press a key when asked.

WARNING: during the scan, after the catchme report, you will be asked to press a key to continue the scan; follow the on-screen instructions carefully!

- At the end of the scan, you may be asked (not always) to restart the computer... Once the computer has restarted, the report will open in Notepad. It is located at C:\resultat.txt

- Copy/paste the contents of the Notepad window that opens, as follows:

-- In Notepad, click the Edit menu / Select All

-- Then the Edit menu again / Copy

-- In a new message here, right-click / Paste

Posted

Here is the report:

C:\WINDOWS\System32\tmp.txt -->17/04/2007 15:24:40

C:\WINDOWS\System32\tmp.reg -->17/04/2007 15:24:40

C:\WINDOWS\System32\vexga4m1et4.exe -->17/04/2007 14:27:12

C:\WINDOWS\System32\vexg3am1et3.exe -->17/04/2007 14:27:10

C:\WINDOWS\System32\vexg4am1et2.exe -->17/04/2007 14:27:10

C:\WINDOWS\System32\vexg6ame4.exe -->17/04/2007 13:02:44

C:\WINDOWS\System32\cent.exe -->17/04/2007 08:29:28

C:\WINDOWS\System32\wpa.dbl -->17/04/2007 08:11:12

C:\WINDOWS\System32\FNTCACHE.DAT -->02/04/2007 19:07:54

C:\WINDOWS\System32\AdobeFnt.lst -->27/03/2007 14:46:16

C:\WINDOWS\System32\cszgj.exe -->12/03/2007 09:05:36

C:\WINDOWS\System32\PCANDIS5.sys -->23/01/2007 15:25:50

C:\WINDOWS\System32\W32N50.dll -->23/01/2007 15:25:50

C:\WINDOWS\System32\tmp9AF84.FOT -->22/01/2007 21:50:36

C:\WINDOWS\System32\tmpB7F84.FOT -->22/01/2007 21:50:36

C:\WINDOWS\System32\tmpC4F84.FOT -->22/01/2007 21:50:36

C:\WINDOWS\System32\tmpD1F84.FOT -->22/01/2007 21:50:36

C:\WINDOWS\System32\tmpEEE84.FOT -->22/01/2007 21:50:36

C:\WINDOWS\System32\zllictbl.dat -->21/01/2007 22:43:48

C:\WINDOWS\System32\ikhcore.log -->17/01/2007 20:48:06

C:\WINDOWS\System32\CONFIG.NT -->17/01/2007 17:36:22

C:\WINDOWS\System32\dip.exe -->17/01/2007 15:34:36

C:\WINDOWS\System32\aswBoot.exe -->15/01/2007 18:32:08

C:\WINDOWS\System32\AVASTSS.scr -->15/01/2007 18:23:20

C:\WINDOWS\System32\LegitCheckControl.DLL -->12/12/2006 10:45:04

 

C:\WINDOWS\WindowsUpdate.log -->17/04/2007 16:18:00

C:\WINDOWS.log -->17/04/2007 16:06:48

C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt -->17/04/2007 16:06:10

C:\WINDOWS\wiadebug.log -->17/04/2007 16:06:04

C:\WINDOWS\bootstat.dat -->17/04/2007 16:05:48

C:\WINDOWS\setupact.log -->17/04/2007 15:26:10

C:\WINDOWS\ntbtlog.txt -->17/04/2007 15:23:30

C:\WINDOWS\SchedLgU.Txt -->17/04/2007 15:22:18

C:\WINDOWS\wiaservc.log -->17/04/2007 15:22:18

C:\WINDOWS\updater.exe.bin -->17/04/2007 08:11:56

C:\WINDOWS\wmsetup.log -->11/04/2007 12:06:52

C:\WINDOWS\updater.exe.tmp -->11/04/2007 11:55:10

C:\WINDOWS\NAVIGMA.INI -->05/04/2007 21:24:34

C:\WINDOWS\EPISMF00.SWB -->02/04/2007 19:40:14

C:\WINDOWS\setupapi.log -->02/04/2007 18:25:06

 

C:\WINDOWS\twunk_16.exe |01/01/1980 00:00:00

C:\WINDOWS\twunk_32.exe |01/01/1980 00:00:00

C:\WINDOWS\SETR.EXE |01/01/1980 00:00:00

C:\WINDOWS\AMOVE.EXE |01/01/1980 00:00:00

C:\WINDOWS\ALAUNCH.EXE |01/01/1980 00:00:00

C:\WINDOWS\EHIB.EXE |01/01/1980 00:00:00

C:\WINDOWS\GalleryPlayer Images Uninstaller.exe |03/10/2005 19:40:02

C:\WINDOWS\gmer.exe |21/01/2007 21:34:21

C:\WINDOWS\uninst.exe |06/01/2007 14:48:06

C:\WINDOWS\IsUninst.exe |06/01/2007 14:52:23

C:\WINDOWS\unvise32.exe |25/03/2007 11:01:47

C:\WINDOWS\AGRSMMSG.exe |01/01/1980 00:00:00

C:\WINDOWS\agrsmdel.exe |01/01/1980 00:00:00

C:\WINDOWS\SoundMan.exe |22/03/2005 14:26:50

C:\WINDOWS\RTHDCPL.EXE |22/03/2005 14:26:50

C:\WINDOWS\RTLCPL.EXE |22/03/2005 14:26:49

C:\WINDOWS\ALCWZRD.EXE |22/03/2005 14:26:50

C:\WINDOWS\unin040c.exe |08/12/2005 10:12:00

C:\WINDOWS\CtDrvIns.exe |24/02/2006 18:11:52

C:\WINDOWS\V0090Cfg.exe |24/02/2006 18:11:52

C:\WINDOWS\Ctregrun.exe |24/02/2006 18:12:30

C:\WINDOWS\IsUn040c.exe |11/02/2006 14:28:33

C:\WINDOWS\twain.dll |01/01/1980 00:00:00

C:\WINDOWS\twain_32.dll |01/01/1980 00:00:00

C:\WINDOWS\sysgtime.dll |07/01/2000 01:00:00

C:\WINDOWS\gmer.dll |21/01/2007 21:34:21

C:\WINDOWS\RtlExUpd.dll |03/04/2005 02:24:24

C:\WINDOWS\kpapi32.dll |08/12/2005 10:13:17

C:\WINDOWS\kpcp32.dll |08/12/2005 10:13:17

C:\WINDOWS\kpsys32.dll |08/12/2005 10:13:17

C:\WINDOWS\Sprof32.dll |08/12/2005 10:13:17

C:\WINDOWS\pcdlib32.dll |08/12/2005 10:13:17

C:\WINDOWS\system32\append.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\debug.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\dvdplay.exe |23/08/2001 17:47:34

C:\WINDOWS\system32\edlin.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\exe2bin.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\fastopen.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\mem.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\mscdexnt.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\nlsfunc.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\setver.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\share.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 17:47:48

C:\WINDOWS\system32\usrprbda.exe |23/08/2001 17:47:48

C:\WINDOWS\system32\usrshuta.exe |23/08/2001 17:47:48

C:\WINDOWS\system32\java.exe |04/05/2006 21:58:40

C:\WINDOWS\system32\dosx.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\redir.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\FTRTSVC.exe |23/01/2007 16:01:55

C:\WINDOWS\system32\javaw.exe |04/05/2006 21:58:40

C:\WINDOWS\system32\aswBoot.exe |08/12/2005 10:17:54

C:\WINDOWS\system32\javaws.exe |04/05/2006 21:58:40

C:\WINDOWS\system32\ASPTV.EXE |01/01/1980 00:00:00

C:\WINDOWS\system32\ASPFM.EXE |01/01/1980 00:00:00

C:\WINDOWS\system32\swreg.exe |17/01/2007 23:42:32

C:\WINDOWS\system32\swsc.exe |17/01/2007 23:42:32

C:\WINDOWS\system32\dumphive.exe |17/01/2007 23:42:32

C:\WINDOWS\system32\swxcacls.exe |17/01/2007 23:42:32

C:\WINDOWS\system32\pxhpinst.exe |23/01/2007 21:22:34

C:\WINDOWS\system32\fslfd.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\yenjm.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\dip.exe |17/01/2007 15:34:34

C:\WINDOWS\system32\aoiqd.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\arlnl.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\ilpjc.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\cesoa.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\bydyf.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\cszgj.exe |21/03/2007 18:02:43

C:\WINDOWS\system32\vixwj.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\uhewj.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\smyun.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\vdbne.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\cspqa.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\mrkyl.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\phvqm.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\jcfaz.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\zfqis.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\cent.exe |17/04/2007 08:29:25

C:\WINDOWS\system32\Hdaudpropshortcut.exe |17/03/2004 15:10:40

C:\WINDOWS\system32\Process.exe |17/01/2007 23:42:32

C:\WINDOWS\system32\SrchSTS.exe |17/01/2007 23:42:32

C:\WINDOWS\system32\creLink.exe |22/03/2005 14:34:45

C:\WINDOWS\system32\CreMan.exe |22/03/2005 14:35:01

C:\WINDOWS\system32\Ati2mdxx.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\ati2evxx.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\ChCfg.exe |03/04/2005 02:24:28

C:\WINDOWS\system32\HdAShCut.exe |07/01/2005 17:07:16

C:\WINDOWS\system32\MaggiUninstall60.exe |06/01/2007 14:48:19

C:\WINDOWS\system32\TVIcon.exe |23/11/2005 16:22:42

C:\WINDOWS\system32\vexg4am1et2.exe |11/04/2007 11:53:42

C:\WINDOWS\system32\vexg3am1et3.exe |17/04/2007 08:29:36

C:\WINDOWS\system32\vexga4m1et4.exe |17/04/2007 09:45:59

C:\WINDOWS\system32\vexg6ame4.exe |17/04/2007 09:46:00

C:\WINDOWS\system32\V0090Srv.exe |24/02/2006 18:11:52

C:\WINDOWS\system32\unwlsdrv.exe |06/01/2005 15:04:00

C:\WINDOWS\system32\ir32_32.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgaw400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgdw400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgmd400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgpl400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgsd400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgsh400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 17:47:06

C:\WINDOWS\system32\msencode.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\slbrccsp.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\spnike.dll |23/08/2001 17:47:18

C:\WINDOWS\system32\sprio600.dll |23/08/2001 17:47:18

C:\WINDOWS\system32\sprio800.dll |23/08/2001 17:47:18

C:\WINDOWS\system32\tsd32.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\win87em.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\paqsp.dll |23/08/2001 17:47:16

C:\WINDOWS\system32\usrcntra.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrcoina.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrdpa.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrdtea.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrlbva.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrv42a.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrv80a.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrvoica.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrvpa.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\amstream.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\atmfd.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\atmlib.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\compatUI.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\encdec.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\iccvid.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ieencode.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\msdmo.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\qedwipes.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\sbe.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\slbcsp.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\slbiop.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ir41_qc.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ir41_qcx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ir50_32.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ir50_qc.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ir50_qcx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ltkrn13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\EqnClass.Dll |22/03/2005 14:15:29

C:\WINDOWS\system32\spxcoins.dll |22/03/2005 14:15:29

C:\WINDOWS\system32\dgsetup.dll |22/03/2005 14:15:29

C:\WINDOWS\system32\dgrpsetu.dll |22/03/2005 14:15:29

C:\WINDOWS\system32\ltfil13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\ltdis13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\ltimg13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\lfbmp13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\lfcmp13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\ltefx13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\lfgif13n.dll |22/08/2006 17:54:52

C:\WINDOWS\system32\lame_enc.dll |11/04/2000 20:44:56

C:\WINDOWS\system32\epcomdd.dll |29/11/2006 16:27:34

C:\WINDOWS\system32\ESDTR.dll |29/11/2006 16:27:34

C:\WINDOWS\system32\ESICM.dll |29/11/2006 16:27:35

C:\WINDOWS\system32\esccm.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\esccmd.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\esccmn.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escimg.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escimgd.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escimgn.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escwiab.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escwiad.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escwian.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\px.dll |23/01/2007 21:22:34

C:\WINDOWS\system32\pxmas.dll |23/01/2007 21:22:34

C:\WINDOWS\system32\pxwave.dll |23/01/2007 21:22:34

C:\WINDOWS\system32\vxblock.dll |23/01/2007 21:22:34

C:\WINDOWS\system32\pxdrv.dll |23/01/2007 21:22:34

C:\WINDOWS\system32\mgxoschk.dll |03/01/2007 11:39:29

C:\WINDOWS\system32\INETWH32.dll |03/01/2007 11:39:50

C:\WINDOWS\system32\ROBOEX32.DLL |24/02/2006 18:09:53

C:\WINDOWS\system32\SHW32.DLL |27/03/2007 21:38:32

C:\WINDOWS\system32\hticons.dll |22/03/2005 14:18:52

C:\WINDOWS\system32\Hdaudprop.dll |17/03/2004 15:10:40

C:\WINDOWS\system32\isrdbg32.dll |22/03/2005 14:19:50

C:\WINDOWS\system32\Hdaudpropres.dll |18/03/2004 17:18:08

C:\WINDOWS\system32\NTICDMK32.dll |22/03/2005 14:33:49

C:\WINDOWS\system32\NTIMPEG2.dll |22/03/2005 14:33:49

C:\WINDOWS\system32\multiplex_vcd.dll |26/12/2001 16:12:30

C:\WINDOWS\system32\Hmpg12.dll |03/09/2001 23:46:38

C:\WINDOWS\system32\HMPV2_ENC.dll |30/07/2001 16:33:56

C:\WINDOWS\system32\HMPV2_ENC_MMX.dll |23/07/2001 22:04:36

C:\WINDOWS\system32\vboxs430.dll |12/09/2000 20:24:29

C:\WINDOWS\system32\ntiembed.dll |22/03/2005 14:34:20

C:\WINDOWS\system32\ati2dvag.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ati2cqag.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ati3duag.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ativvaxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ATIDDC.DLL |01/01/1980 00:00:00

C:\WINDOWS\system32\atitvo32.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ativcoxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ati2evxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\atipdlxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\Oemdspif.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ati2edxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ATIDEMGR.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\atioglxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\atiiiexx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\Esint23.dll |29/11/2006 16:27:34

C:\WINDOWS\system32\Esintpl.dll |29/11/2006 16:27:34

C:\WINDOWS\system32\Epfb5cpl.dll |29/11/2006 16:27:36

C:\WINDOWS\system32\HdAProp.dll |07/01/2005 17:07:16

C:\WINDOWS\system32\HdAudRes.dll |07/01/2005 17:07:04

C:\WINDOWS\system32\HtmlWH.dll |03/01/2007 11:39:49

C:\WINDOWS\system32\IfHelper.dll |23/01/2007 16:01:55

C:\WINDOWS\system32\RtlCPAPI.dll |22/03/2005 14:26:49

C:\WINDOWS\system32\vp6vfw.dll |23/11/2005 17:55:34

C:\WINDOWS\system32\fun_avcodec.dll |01/02/2007 16:30:54

C:\WINDOWS\system32\EBPMON24.DLL |06/12/2005 14:53:57

C:\WINDOWS\system32\ECBTEG.DLL |06/12/2005 14:53:57

C:\WINDOWS\system32\EBPCHP.DLL |06/12/2005 14:53:57

C:\WINDOWS\system32\E_DCINST.DLL |06/12/2005 14:53:57

C:\WINDOWS\system32\Epcmlib.dll |06/12/2005 14:54:51

C:\WINDOWS\system32\PCDLIB32.DLL |09/12/1998 02:53:58

C:\WINDOWS\system32\cppenv25.dll |08/12/2005 10:13:15

C:\WINDOWS\system32\EZIMG25.dll |08/12/2005 10:13:16

C:\WINDOWS\system32\WINSIZE.DLL |08/12/2005 10:13:16

C:\WINDOWS\system32\Snap32n.dll |08/12/2005 10:13:17

C:\WINDOWS\system32\MSVCRT10.DLL |08/12/2005 10:13:17

C:\WINDOWS\system32\ATMDRVR.DLL |08/12/2005 10:14:25

C:\WINDOWS\system32\fun_mp4_dec.dll |01/02/2007 16:30:55

C:\WINDOWS\system32\fun_mp4_enc.dll |01/02/2007 16:30:55

C:\WINDOWS\system32\WooDial2000.dll |24/02/2006 17:42:20

C:\WINDOWS\system32\rnaph.dll |24/02/2006 17:42:13

C:\WINDOWS\system32\CtCamMgr.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\CtRegApp.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\V0090Hwx.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\V0090Pin.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\V0090Sti.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\V0090Vfw.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\hypertrm.dll |22/03/2005 14:18:48

C:\WINDOWS\system32\W32N50.dll |06/03/2006 11:22:41

C:\WINDOWS\system32\ffJmpWeb.dll |06/03/2006 11:38:09

C:\WINDOWS\system32\mcdvd_32.dll |10/03/2006 14:14:45

C:\WINDOWS\system32\divx.dll |10/03/2006 14:14:45

C:\WINDOWS\system32\xvidcore.dll |10/03/2006 14:14:45

C:\WINDOWS\system32\xvidvfw.dll |10/03/2006 14:14:45

 

Le volume dans le lecteur C s'appelle ACER

Le numéro de série du volume est 320D-180E

 

Répertoire de C:\WINDOWS\system

 

23/08/2001 05:00 9 728 regsvr32.exe

1 fichier(s) 9 728 octets

0 Rép(s) 156 227 141 632 octets libres

Le volume dans le lecteur C s'appelle ACER

Le numéro de série du volume est 320D-180E

 

Répertoire de C:\WINDOWS\system32

 

05/08/2004 05:00 6 144 csrss.exe

12/03/2007 09:05 52 759 cszgj.exe

05/08/2004 05:00 34 827 cspqa.exe

3 fichier(s) 93 730 octets

0 Rép(s) 156 227 141 632 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C s'appelle ACER

Le numéro de série du volume est 320D-180E

 

Répertoire de C:\WINDOWS\Downloaded Program Files

 

22/03/2005 14:20 <REP> .

22/03/2005 14:20 <REP> ..

22/03/2005 14:20 65 desktop.ini

10/11/2005 14:05 876 jinstall-1_5_0_06.inf

14/05/2006 10:56 <REP> DinerDash.1.0.0.58

03/06/2002 17:53 144 QTPlugin.inf

19/06/2002 14:11 117 088 PURen-us.dll

15/10/2004 07:59 110 592 PURfr-xx.dll

25/06/2006 12:50 1 793 erma.inf

26/05/2005 04:19 293 muweb.inf

20/06/2006 15:44 379 704 MsnPUpld.dll

19/06/2006 14:40 393 MsnPUpld.inf

20/12/2006 01:00 124 584 naveng32.dll

20/12/2006 01:00 882 344 navex32a.dll

20/12/2006 01:00 2 504 catalog.dat

20/12/2006 01:00 272 040 ecmsvr32.dll

20/12/2006 01:00 6 899 ecbootil.vxd

20/12/2006 01:00 32 virscant.dat

20/12/2006 01:00 974 242 virscan1.dat

20/12/2006 01:00 569 910 virscan2.dat

20/12/2006 01:00 147 296 virscan3.dat

20/12/2006 01:00 320 186 virscan4.dat

20/12/2006 01:00 3 086 703 virscan5.dat

20/12/2006 01:00 390 030 virscan6.dat

20/12/2006 01:00 5 396 298 virscan7.dat

20/12/2006 01:00 1 650 979 virscan8.dat

20/12/2006 01:00 3 940 959 virscan9.dat

20/12/2006 01:00 224 zdone.dat

20/12/2006 01:00 106 244 virscan.inf

20/12/2006 01:00 97 696 scrauth.dat

20/12/2006 01:00 453 tinf.dat

20/12/2006 01:00 148 tinfidx.dat

20/12/2006 01:00 1 957 tinfl.dat

20/12/2006 01:00 64 048 tscan1.dat

20/12/2006 01:00 3 072 tscan1hd.dat

20/12/2006 01:00 1 061 symaveng.inf

20/12/2006 01:00 9 237 symaveng.cat

20/12/2006 01:00 187 543 tcdefs.dat

20/12/2006 01:00 1 172 076 tcscan7.dat

20/12/2006 01:00 323 242 tcscan8.dat

20/12/2006 01:00 728 804 tcscan9.dat

20/12/2006 01:00 4 778 v.grd

20/12/2006 01:00 2 261 v.sig

28/12/2006 17:58 2 072 vscanmsx.dat

09/11/2006 14:36 5 019 swflash.inf

11/12/2006 16:44 367 LegitCheckControl.inf

09/01/2007 08:30 110 592 PURfr-fr.dll

44 fichier(s) 21 196 848 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:46 995 328 dinerdash.exe

14/05/2006 10:56 <REP> assets

1 fichier(s) 995 328 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 5 460 playfirst_logo.png

18/11/2005 09:43 11 803 strings.xml

14/05/2006 10:56 <REP> accessories

14/05/2006 10:56 <REP> backgrounds

14/05/2006 10:56 <REP> buttons

14/05/2006 10:56 <REP> comics

14/05/2006 10:56 <REP> config

14/05/2006 10:56 <REP> cook

14/05/2006 10:56 <REP> cursor

14/05/2006 10:56 <REP> flo

14/05/2006 10:56 <REP> fonts

14/05/2006 10:56 <REP> furniture

14/05/2006 10:56 <REP> hiscore

14/05/2006 10:56 <REP> layouts

14/05/2006 10:56 <REP> restaurants

14/05/2006 10:56 <REP> scripts

14/05/2006 10:56 <REP> splash

14/05/2006 10:56 <REP> ui

14/05/2006 10:56 <REP> audio

14/05/2006 10:56 <REP> customers

2 fichier(s) 17 263 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 568 cup.png

18/11/2005 09:43 619 customer_cup.png

18/11/2005 09:43 239 heart.png

18/11/2005 09:43 927 menu_down.png

18/11/2005 09:43 1 244 menu_up.png

18/11/2005 09:43 850 plates.png

18/11/2005 09:43 741 ticket.png

18/11/2005 09:43 1 639 tray.png

8 fichier(s) 6 827 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 1 319 choosedifficulty.png

18/11/2005 09:43 12 316 credits.jpg

18/11/2005 09:43 12 927 flo_lose.png

18/11/2005 09:43 13 807 flo_win.png

18/11/2005 09:43 16 725 help1.jpg

18/11/2005 09:43 18 595 help2.jpg

18/11/2005 09:43 14 327 highscores.jpg

18/11/2005 09:43 14 586 levelintro.jpg

18/11/2005 09:43 2 967 levelintro_mask.png

18/11/2005 09:43 14 582 levelover.jpg

18/11/2005 09:43 3 383 levelover_mask.png

18/11/2005 09:43 43 278 mainmenu.jpg

18/11/2005 09:43 7 362 popup.jpg

18/11/2005 09:43 1 899 popup_mask.png

18/11/2005 09:43 6 010 upgradegrid.png

18/11/2005 09:43 3 218 upgradetitle.png

18/11/2005 09:43 39 050 upsell.jpg

17 fichier(s) 226 351 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 825 arrowleft_blue.png

18/11/2005 09:43 995 arrowleft_yellow.png

18/11/2005 09:43 827 arrowright_blue.png

18/11/2005 09:43 991 arrowright_yellow.png

18/11/2005 09:43 2 326 backchalk.png

18/11/2005 09:43 2 960 backchalkup.png

18/11/2005 09:43 1 420 backtomenu_blue.png

18/11/2005 09:43 1 393 backtomenu_yellow.png

18/11/2005 09:43 1 795 back_blue.png

18/11/2005 09:43 1 761 back_yellow.png

18/11/2005 09:43 2 403 cancel.png

18/11/2005 09:43 2 368 cancelup.png

18/11/2005 09:43 2 722 career.png

18/11/2005 09:43 2 714 career_over.png

18/11/2005 09:43 2 156 close.png

18/11/2005 09:43 2 223 closeup.png

18/11/2005 09:43 3 346 continue.png

18/11/2005 09:43 3 208 continueover.png

18/11/2005 09:43 1 378 credits_blue.png

18/11/2005 09:43 1 365 credits_yellow.png

18/11/2005 09:43 2 073 download_blue.png

18/11/2005 09:43 2 081 download_yellow.png

18/11/2005 09:43 2 530 easy.png

18/11/2005 09:43 1 695 easy_over.png

18/11/2005 09:43 2 882 endlessshift.png

18/11/2005 09:43 2 886 endlessshift_over.png

18/11/2005 09:43 2 525 hard.png

18/11/2005 09:43 1 780 hard_over.png

18/11/2005 09:43 1 397 help.png

18/11/2005 09:43 1 395 help_over.png

18/11/2005 09:43 2 871 highscores.png

18/11/2005 09:43 2 871 highscores_over.png

18/11/2005 09:43 1 492 instructions_blue.png

18/11/2005 09:43 1 487 instructions_yellow.png

18/11/2005 09:43 1 491 letsplay.png

18/11/2005 09:43 1 491 letsplayover.png

18/11/2005 09:43 2 934 medium.png

18/11/2005 09:43 1 972 medium_over.png

18/11/2005 09:43 2 909 moreinfo.png

18/11/2005 09:43 2 903 moreinfoup.png

18/11/2005 09:43 580 off.png

18/11/2005 09:43 580 off_on.png

18/11/2005 09:43 505 on.png

18/11/2005 09:43 504 on_on.png

18/11/2005 09:43 827 pause.png

18/11/2005 09:43 843 pauseover.png

18/11/2005 09:43 2 835 quit.png

18/11/2005 09:43 3 776 quitgame.png

18/11/2005 09:43 3 122 quitgameover.png

18/11/2005 09:43 2 866 quitover.png

18/11/2005 09:43 3 762 resumegame.png

18/11/2005 09:43 3 196 resumegameover.png

18/11/2005 09:43 2 812 submit.png

18/11/2005 09:43 2 737 submitup.png

18/11/2005 09:43 3 175 tryagain.png

18/11/2005 09:43 3 244 tryagainover.png

18/11/2005 09:43 4 392 upgrade_over.png

18/11/2005 09:43 4 429 upgrade_up.png

18/11/2005 09:43 4 235 viewglobal.png

18/11/2005 09:43 4 219 viewglobalup.png

18/11/2005 09:43 3 710 viewhighscore.png

18/11/2005 09:43 3 250 viewhighscoreon.png

18/11/2005 09:43 4 189 viewlocal.png

18/11/2005 09:43 4 173 viewlocalup.png

64 fichier(s) 150 802 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\comics

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 31 920 webcomic.jpg

1 fichier(s) 31 920 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 33 657 career.xml

18/11/2005 09:43 11 169 customer.xml

18/11/2005 09:43 17 741 endless.xml

18/11/2005 09:43 621 global.xml

18/11/2005 09:43 3 137 powerups.xml

5 fichier(s) 66 325 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 6 690 cook.png

18/11/2005 09:43 3 091 cook.xml

18/11/2005 09:43 228 stove.png

3 fichier(s) 10 009 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 1 773 arrow.png

18/11/2005 09:43 2 028 click.png

18/11/2005 09:43 1 926 click2.png

18/11/2005 09:43 1 726 grab.png

18/11/2005 09:43 2 274 open.png

5 fichier(s) 9 727 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 21 613 idle.png

18/11/2005 09:43 2 752 idle.xml

18/11/2005 09:43 6 943 lower.png

18/11/2005 09:43 2 177 lower.xml

18/11/2005 09:43 16 974 upper.png

18/11/2005 09:43 6 892 upper.xml

6 fichier(s) 57 351 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 36 107 arial.mvec

18/11/2005 09:43 34 231 komikaaxis.mvec

2 fichier(s) 70 338 octets

 

Répertoire de C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture

 

14/05/2006 10:56 <REP> .

14/05/2006 10:56 <REP> ..

18/11/2005 09:43 5 529 chair.png

18/11/2005 09:43 2 914 chair.xml

18/11/2005 09:43 1 512 dirt2top.png

18/11/2005 09:43 1 762 dirt4top.png

Posted

Go to http://upload.malekal.com

Click Browse and select: C:\WINDOWS\updater.exe.bin

Click Send file.

Repeat for:

C:\WINDOWS\System32\cent.exe

C:\WINDOWS\System32\vexga4m1et4.exe

C:\WINDOWS\System32\vexg3am1et3.exe

Then download and install:

KillBox by Option^Explicit

KillBox help

Select the entire list below:

C:\WINDOWS\System32\vexga4m1et4.exe

C:\WINDOWS\System32\vexg3am1et3.exe

C:\WINDOWS\System32\vexg4am1et2.exe

C:\WINDOWS\System32\vexg6ame4.exe

C:\WINDOWS\System32\cent.exe

C:\WINDOWS\System32\cszgj.exe

c:\xx1232255.exe

C:\WINDOWS\updater.exe.bin

C:\WINDOWS\updater.exe.tmp

---> then right-click / Copy

Open KillBox

- Select "delete on reboot"

- Click the "File" menu -> "Paste from Clipboard"

- Click All Files

- Click the red and white cross

- Answer Yes and let your PC restart.

Feel free to consult the KillBox help.

NOTE: If you get the message "PendingFileRenameOperations Registry Data has been removed by external process!" and the computer does not restart, restart it manually ---> Start menu / Shut down / Restart the computer

After the restart, launch KillBox again, then click the File menu -> Log -> Actions History Log

Post the report here

____

You have an old version of DiagHelp; you can delete your version, download it again and run option 1 as indicated, please.

Posted

Here is the DiagHelp report:


C:\WINDOWS\system32\ilpjc.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\cesoa.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\bydyf.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\cszgj.exe |21/03/2007 18:02:43

C:\WINDOWS\system32\vixwj.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\uhewj.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\smyun.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\vdbne.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\cspqa.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\mrkyl.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\phvqm.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\jcfaz.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\zfqis.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\cent.exe |17/04/2007 08:29:25

C:\WINDOWS\system32\Hdaudpropshortcut.exe |17/03/2004 15:10:40

C:\WINDOWS\system32\Process.exe |17/01/2007 23:42:32

C:\WINDOWS\system32\SrchSTS.exe |17/01/2007 23:42:32

C:\WINDOWS\system32\creLink.exe |22/03/2005 14:34:45

C:\WINDOWS\system32\CreMan.exe |22/03/2005 14:35:01

C:\WINDOWS\system32\Ati2mdxx.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\ati2evxx.exe |01/01/1980 00:00:00

C:\WINDOWS\system32\ChCfg.exe |03/04/2005 02:24:28

C:\WINDOWS\system32\HdAShCut.exe |07/01/2005 17:07:16

C:\WINDOWS\system32\MaggiUninstall60.exe |06/01/2007 14:48:19

C:\WINDOWS\system32\TVIcon.exe |23/11/2005 16:22:42

C:\WINDOWS\system32\vexg4am1et2.exe |11/04/2007 11:53:42

C:\WINDOWS\system32\vexg3am1et3.exe |17/04/2007 08:29:36

C:\WINDOWS\system32\V0090Srv.exe |24/02/2006 18:11:52

C:\WINDOWS\system32\unwlsdrv.exe |06/01/2005 15:04:00

C:\WINDOWS\system32\ir32_32.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgaw400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgdw400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgmd400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgpl400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgsd400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\jgsh400.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 17:47:06

C:\WINDOWS\system32\msencode.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\slbrccsp.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\spnike.dll |23/08/2001 17:47:18

C:\WINDOWS\system32\sprio600.dll |23/08/2001 17:47:18

C:\WINDOWS\system32\sprio800.dll |23/08/2001 17:47:18

C:\WINDOWS\system32\tsd32.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\win87em.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\paqsp.dll |23/08/2001 17:47:16

C:\WINDOWS\system32\usrcntra.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrcoina.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrdpa.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrdtea.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrlbva.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrv42a.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrv80a.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrvoica.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\usrvpa.dll |23/08/2001 17:47:20

C:\WINDOWS\system32\amstream.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\atmfd.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\atmlib.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\compatUI.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\encdec.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\iccvid.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ieencode.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\msdmo.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\qedwipes.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\sbe.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\slbcsp.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\slbiop.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ir41_qc.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ir41_qcx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ir50_32.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ir50_qc.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ir50_qcx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ltkrn13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\EqnClass.Dll |22/03/2005 14:15:29

C:\WINDOWS\system32\spxcoins.dll |22/03/2005 14:15:29

C:\WINDOWS\system32\dgsetup.dll |22/03/2005 14:15:29

C:\WINDOWS\system32\dgrpsetu.dll |22/03/2005 14:15:29

C:\WINDOWS\system32\ltfil13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\ltdis13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\ltimg13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\lfbmp13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\lfcmp13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\ltefx13n.dll |22/08/2006 17:54:50

C:\WINDOWS\system32\lfgif13n.dll |22/08/2006 17:54:52

C:\WINDOWS\system32\lame_enc.dll |11/04/2000 20:44:56

C:\WINDOWS\system32\epcomdd.dll |29/11/2006 16:27:34

C:\WINDOWS\system32\ESDTR.dll |29/11/2006 16:27:34

C:\WINDOWS\system32\ESICM.dll |29/11/2006 16:27:35

C:\WINDOWS\system32\esccm.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\esccmd.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\esccmn.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escimg.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escimgd.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escimgn.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escwiab.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escwiad.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\escwian.dll |29/11/2006 16:27:37

C:\WINDOWS\system32\px.dll |23/01/2007 21:22:34

C:\WINDOWS\system32\pxmas.dll |23/01/2007 21:22:34

C:\WINDOWS\system32\pxwave.dll |23/01/2007 21:22:34

C:\WINDOWS\system32\vxblock.dll |23/01/2007 21:22:34

C:\WINDOWS\system32\pxdrv.dll |23/01/2007 21:22:34

C:\WINDOWS\system32\mgxoschk.dll |03/01/2007 11:39:29

C:\WINDOWS\system32\INETWH32.dll |03/01/2007 11:39:50

C:\WINDOWS\system32\ROBOEX32.DLL |24/02/2006 18:09:53

C:\WINDOWS\system32\SHW32.DLL |27/03/2007 21:38:32

C:\WINDOWS\system32\hticons.dll |22/03/2005 14:18:52

C:\WINDOWS\system32\Hdaudprop.dll |17/03/2004 15:10:40

C:\WINDOWS\system32\isrdbg32.dll |22/03/2005 14:19:50

C:\WINDOWS\system32\Hdaudpropres.dll |18/03/2004 17:18:08

C:\WINDOWS\system32\NTICDMK32.dll |22/03/2005 14:33:49

C:\WINDOWS\system32\NTIMPEG2.dll |22/03/2005 14:33:49

C:\WINDOWS\system32\multiplex_vcd.dll |26/12/2001 16:12:30

C:\WINDOWS\system32\Hmpg12.dll |03/09/2001 23:46:38

C:\WINDOWS\system32\HMPV2_ENC.dll |30/07/2001 16:33:56

C:\WINDOWS\system32\HMPV2_ENC_MMX.dll |23/07/2001 22:04:36

C:\WINDOWS\system32\vboxs430.dll |12/09/2000 20:24:29

C:\WINDOWS\system32\ntiembed.dll |22/03/2005 14:34:20

C:\WINDOWS\system32\ati2dvag.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ati2cqag.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ati3duag.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ativvaxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ATIDDC.DLL |01/01/1980 00:00:00

C:\WINDOWS\system32\atitvo32.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ativcoxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ati2evxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\atipdlxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\Oemdspif.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ati2edxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\ATIDEMGR.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\atioglxx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\atiiiexx.dll |01/01/1980 00:00:00

C:\WINDOWS\system32\Esint23.dll |29/11/2006 16:27:34

C:\WINDOWS\system32\Esintpl.dll |29/11/2006 16:27:34

C:\WINDOWS\system32\Epfb5cpl.dll |29/11/2006 16:27:36

C:\WINDOWS\system32\HdAProp.dll |07/01/2005 17:07:16

C:\WINDOWS\system32\HdAudRes.dll |07/01/2005 17:07:04

C:\WINDOWS\system32\HtmlWH.dll |03/01/2007 11:39:49

C:\WINDOWS\system32\IfHelper.dll |23/01/2007 16:01:55

C:\WINDOWS\system32\RtlCPAPI.dll |22/03/2005 14:26:49

C:\WINDOWS\system32\vp6vfw.dll |23/11/2005 17:55:34

C:\WINDOWS\system32\fun_avcodec.dll |01/02/2007 16:30:54

C:\WINDOWS\system32\EBPMON24.DLL |06/12/2005 14:53:57

C:\WINDOWS\system32\ECBTEG.DLL |06/12/2005 14:53:57

C:\WINDOWS\system32\EBPCHP.DLL |06/12/2005 14:53:57

C:\WINDOWS\system32\E_DCINST.DLL |06/12/2005 14:53:57

C:\WINDOWS\system32\Epcmlib.dll |06/12/2005 14:54:51

C:\WINDOWS\system32\PCDLIB32.DLL |09/12/1998 02:53:58

C:\WINDOWS\system32\cppenv25.dll |08/12/2005 10:13:15

C:\WINDOWS\system32\EZIMG25.dll |08/12/2005 10:13:16

C:\WINDOWS\system32\WINSIZE.DLL |08/12/2005 10:13:16

C:\WINDOWS\system32\Snap32n.dll |08/12/2005 10:13:17

C:\WINDOWS\system32\MSVCRT10.DLL |08/12/2005 10:13:17

C:\WINDOWS\system32\ATMDRVR.DLL |08/12/2005 10:14:25

C:\WINDOWS\system32\fun_mp4_dec.dll |01/02/2007 16:30:55

C:\WINDOWS\system32\fun_mp4_enc.dll |01/02/2007 16:30:55

C:\WINDOWS\system32\WooDial2000.dll |24/02/2006 17:42:20

C:\WINDOWS\system32\rnaph.dll |24/02/2006 17:42:13

C:\WINDOWS\system32\CtCamMgr.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\CtRegApp.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\V0090Hwx.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\V0090Pin.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\V0090Sti.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\V0090Vfw.dll |24/02/2006 18:11:52

C:\WINDOWS\system32\hypertrm.dll |22/03/2005 14:18:48

C:\WINDOWS\system32\W32N50.dll |06/03/2006 11:22:41

C:\WINDOWS\system32\ffJmpWeb.dll |06/03/2006 11:38:09

C:\WINDOWS\system32\mcdvd_32.dll |10/03/2006 14:14:45

C:\WINDOWS\system32\divx.dll |10/03/2006 14:14:45

C:\WINDOWS\system32\xvidcore.dll |10/03/2006 14:14:45

C:\WINDOWS\system32\xvidvfw.dll |10/03/2006 14:14:45

 

Le volume dans le lecteur C s'appelle ACER

Le numéro de série du volume est 320D-180E

 

Répertoire de C:\WINDOWS\system

 

23/08/2001 05:00 9 728 regsvr32.exe

1 fichier(s) 9 728 octets

0 Rép(s) 156 296 183 808 octets libres

Le volume dans le lecteur C s'appelle ACER

Le numéro de série du volume est 320D-180E

 

Répertoire de C:\WINDOWS\system32

 

05/08/2004 05:00 6 144 csrss.exe

12/03/2007 09:05 52 759 cszgj.exe

05/08/2004 05:00 34 827 cspqa.exe

3 fichier(s) 93 730 octets

0 Rép(s) 156 296 183 808 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C s'appelle ACER

Le numéro de série du volume est 320D-180E

 

Répertoire de C:\WINDOWS\Downloaded Program Files

 

22/03/2005 14:20 <REP> .

22/03/2005 14:20 <REP> ..

22/03/2005 14:20 65 desktop.ini

10/11/2005 14:05 876 jinstall-1_5_0_06.inf

14/05/2006 10:56 <REP> DinerDash.1.0.0.58

03/06/2002 17:53 144 QTPlugin.inf

19/06/2002 14:11 117 088 PURen-us.dll

15/10/2004 07:59 110 592 PURfr-xx.dll

25/06/2006 12:50 1 793 erma.inf

26/05/2005 04:19 293 muweb.inf

20/06/2006 15:44 379 704 MsnPUpld.dll

19/06/2006 14:40 393 MsnPUpld.inf

20/12/2006 01:00 124 584 naveng32.dll

20/12/2006 01:00 882 344 navex32a.dll

20/12/2006 01:00 2 504 catalog.dat

20/12/2006 01:00 272 040 ecmsvr32.dll

20/12/2006 01:00 6 899 ecbootil.vxd

20/12/2006 01:00 32 virscant.dat

20/12/2006 01:00 974 242 virscan1.dat

20/12/2006 01:00 569 910 virscan2.dat

20/12/2006 01:00 147 296 virscan3.dat

20/12/2006 01:00 320 186 virscan4.dat

20/12/2006 01:00 3 086 703 virscan5.dat

20/12/2006 01:00 390 030 virscan6.dat

20/12/2006 01:00 5 396 298 virscan7.dat

20/12/2006 01:00 1 650 979 virscan8.dat

20/12/2006 01:00 3 940 959 virscan9.dat

20/12/2006 01:00 224 zdone.dat

20/12/2006 01:00 106 244 virscan.inf

20/12/2006 01:00 97 696 scrauth.dat

20/12/2006 01:00 453 tinf.dat

20/12/2006 01:00 148 tinfidx.dat

20/12/2006 01:00 1 957 tinfl.dat

20/12/2006 01:00 64 048 tscan1.dat

20/12/2006 01:00 3 072 tscan1hd.dat

20/12/2006 01:00 1 061 symaveng.inf

20/12/2006 01:00 9 237 symaveng.cat

20/12/2006 01:00 187 543 tcdefs.dat

20/12/2006 01:00 1 172 076 tcscan7.dat

20/12/2006 01:00 323 242 tcscan8.dat

20/12/2006 01:00 728 804 tcscan9.dat

20/12/2006 01:00 4 778 v.grd

20/12/2006 01:00 2 261 v.sig

28/12/2006 17:58 2 072 vscanmsx.dat

09/11/2006 14:36 5 019 swflash.inf

11/12/2006 16:44 367 LegitCheckControl.inf

09/01/2007 08:30 110 592 PURfr-fr.dll

44 fichier(s) 21 196 848 octets

 


Total des fichiers listés :

330 fichier(s) 23 559 412 octets

122 Rép(s) 156 295 135 232 octets libres

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

 

 

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006

http://www.gmer.net

 

scanning hidden processes ...

 

scanning hidden services ...

 

HKLM\SYSTEM\CurrentControlSet\Services\winmgmt590b-7eef

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

C:\WINDOWS\system32\windev-590b-7eef.sys 163840 bytes

C:\WINDOWS\system32\windev-peers.ini 32768 bytes

 

scan completed successfully

hidden processes: 0

hidden services: 1

hidden files: 2

 

Liste des programmes installes

 

105462 Unistall

61478 Unistall

802.11 USB Wireless LAN Adapter

Adobe Acrobat Reader 3.01

Adobe Flash Player 9 ActiveX

Adobe Reader 6.0.1

Adobe Shockwave Player

Adobe Type Manager 4.0

Agere Systems PCI Soft Modem

ArcSoft Multimedia Email

ATI Display Driver

avast! Antivirus

Barre d'outils MSN

Big Fish Games Toolbar

Camera Support Core Library

Canon Camera Support Core Library

Codeur Windows Media Série 9

Codeur Windows Media Série 9

Correctif Windows XP - KB873333

Correctif Windows XP - KB873339

Correctif Windows XP - KB885836

Correctif Windows XP - KB886185

Correctif Windows XP - KB887472

Correctif Windows XP - KB887742

Correctif Windows XP - KB888113

Correctif Windows XP - KB888302

Correctif Windows XP - KB891781

Creative WebCam Center

Creative WebCam Vista Plus Driver (1.02.02.0414)

eMule

eMule0.47a MorphXT 8.1

ENPC PersoTEST

EPSON Logiciel imprimante

EPSON PhotoQuicker3.5

EPSON TWAIN 5

EPSON Web-To-Page

ESC66 Guide de référence

ESC66 Guide des logiciels

GalleryPlayer Images

GamesBar 1.0.0.9

Gestionnaire Internet

Google Toolbar for Firefox

High Definition Audio Driver Package - KB835221

High Definition Audio Driver Package - KB888111

HijackThis 1.99.1

Installer Yahoo! Messenger

J2SE Runtime Environment 5.0 Update 6

Java 2 Runtime Environment, SE v1.4.2_05

Jeux Classiques

Lecteur Windows Media 11

Les Sims 2

LFP Manager 06

Macromedia Flash Player

Messenger Plus! Live

Micro Application - Scrapbook Edition Spéciale

Microsoft Office XP Professional avec FrontPage

Microsoft Publisher 2002

Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)

Microsoft XML Parser

MSN

Navigateur Orange

NTI Backup NOW! 3

NTI Backup NOW! 3

NTI CD & DVD-Maker

NTI CD & DVD-Maker Gold

Picasa 2

PowerDVD

Print@Fujicolor

QuickTime

QuickTime

Realtek High Definition Audio Driver

SAMSUNG CDMA Modem Driver Set

SAMSUNG Mobile USB Modem 1.0 Software

SAMSUNG Mobile USB Modem Software

Samsung PC Studio

Samsung PC Studio

Samsung PC Studio 3 USB Driver Installer

Samsung Samples Installer

Sandlot Games Client Services

ScanToWeb

SimCity 3000

Tap'Touche 4

tomb

TomTom HOME

Ulead Photo Express 4.0 My Custom Edition

Usb disk Driver

Vodafone 804SS USB driver Software

Wanadoo Messager

WebFldrs XP

Windows Genuine Advantage Validation Tool (KB892130)

Windows Live Messenger

Windows Live Sign-in Assistant

Windows Media Format 11 runtime

Windows Media Format 11 runtime

Windows Media Player 11

Yahoo! Toolbar

Yahoo! Toolbar avec bloqueur de fenêtres pop-up

 

 

 

Le volume dans le lecteur C s'appelle ACER

Le numéro de série du volume est 320D-180E

 

Répertoire de C:\Program Files

 

22/03/2005 14:15 <REP> .

22/03/2005 14:15 <REP> ..

22/03/2005 14:21 <REP> Adobe

08/12/2005 10:14 <REP> Adobe Type Manager

08/12/2005 10:17 <REP> Alwil Software

24/02/2006 18:10 <REP> ArcSoft

10/03/2006 14:14 <REP> AVSMedia

20/02/2007 17:54 <REP> BFG

20/02/2007 17:56 <REP> bfgtoolbar

18/02/2007 18:40 <REP> Boonty

18/02/2007 18:40 <REP> BoontyGames

25/12/2006 21:23 <REP> Canon

31/01/2007 22:44 <REP> ColiPoste

22/03/2005 14:19 <REP> ComPlus Applications

24/02/2006 18:07 <REP> Creative

22/03/2005 14:31 <REP> CyberLink

23/11/2005 17:55 <REP> EA GAMES

23/11/2005 16:37 <REP> EA SPORTS

23/01/2007 16:09 <REP> eMule

26/01/2007 16:21 6 596 038 emule0.47a.morphxt_8_1_installer.exe

07/02/2006 17:18 <REP> ENPC_PersoTEST1

06/12/2005 14:53 <REP> EPSON

22/03/2005 14:15 <REP> Fichiers communs

24/11/2005 13:33 <REP> Fujifilm

04/05/2006 21:58 <REP> Google

18/01/2007 18:14 <REP> Grisoft

17/01/2007 22:47 <REP> HijackThis

17/02/2007 15:05 <REP> Ihsv

22/03/2005 14:26 <REP> Intel

22/03/2005 14:19 <REP> Internet Explorer

06/03/2006 11:45 <REP> Inventel

28/08/2006 16:30 <REP> iWin

22/03/2005 14:27 <REP> Java

18/03/2006 13:45 <REP> Jeux classiques

27/12/2006 10:22 <REP> Lavasoft

12/07/2006 19:23 <REP> Maxis

22/03/2005 14:18 <REP> Messenger

24/12/2006 10:47 <REP> Messenger Plus! Live

09/01/2006 16:20 <REP> Micro Application

22/03/2005 14:22 <REP> microsoft frontpage

08/12/2005 10:04 <REP> Microsoft Office

08/12/2005 10:05 <REP> Microsoft Visual Studio

22/03/2005 14:19 <REP> Movie Maker

22/03/2005 14:18 <REP> MSN

25/02/2006 22:01 <REP> MSN Apps

07/06/2006 11:50 <REP> MSN Games

22/03/2005 14:18 <REP> MSN Gaming Zone

25/10/2006 22:57 <REP> MSN Messenger

22/03/2005 14:19 <REP> NetMeeting

22/03/2005 14:33 <REP> NewTech Infosystems

22/03/2005 14:19 <REP> Online Services

22/07/2006 15:17 <REP> orange

22/03/2005 14:19 <REP> Outlook Express

08/12/2005 10:13 <REP> PhotoDeluxe EE 1.0

23/01/2007 21:22 <REP> Picasa2

10/03/2006 11:54 <REP> QuickTime

27/06/2006 19:32 <REP> Real

22/03/2005 14:26 <REP> Realtek

27/06/2006 19:32 774 144 RngInterstitial.dll

01/02/2007 16:30 <REP> Samsung

28/07/2006 15:07 <REP> Securitoo

22/03/2005 14:20 <REP> Services en ligne

17/01/2007 19:05 <REP> Spyware Doctor

22/03/2005 14:28 <REP> Symantec

31/08/2006 21:14 <REP> Tap'Touche 4

25/03/2007 11:01 <REP> TomTom HOME

24/02/2006 18:09 <REP> Ulead Systems

05/11/2006 21:39 <REP> Virtools Web Player 3.5

06/07/2006 18:58 <REP> Wanadoo

06/07/2006 18:58 <REP> Wanadoo Messager

03/01/2007 12:01 <REP> Windows Media Components

22/03/2005 14:19 <REP> Windows Media Player

22/03/2005 14:18 <REP> Windows NT

17/01/2007 18:31 <REP> Winsos

22/03/2005 14:22 <REP> xerox

29/03/2006 23:26 <REP> Yahoo!

06/12/2006 20:58 <REP> Zylom Games

2 fichier(s) 7 370 182 octets

75 Rép(s) 156 295 004 160 octets libres

Le volume dans le lecteur C s'appelle ACER

Le numéro de série du volume est 320D-180E

 

Répertoire de C:\Program Files\fichiers communs

 

22/03/2005 14:15 <REP> .

22/03/2005 14:15 <REP> ..

22/03/2005 14:15 <REP> Microsoft Shared

22/03/2005 14:15 <REP> SpeechEngines

22/03/2005 14:15 <REP> ODBC

22/03/2005 14:19 <REP> System

22/03/2005 14:19 <REP> MSSoap

22/03/2005 14:19 <REP> Services

22/03/2005 14:25 <REP> InstallShield

22/03/2005 14:27 <REP> Java

22/03/2005 14:29 <REP> Symantec Shared

04/12/2005 11:12 <REP> Adobe

08/12/2005 10:05 <REP> Designer

09/01/2006 16:20 <REP> Micro Application Shared

31/07/2006 14:00 278 528 FDEUnInstaller.exe

10/03/2006 14:14 <REP> AVSMedia

18/03/2006 13:45 <REP> Wise Installation Wizard

30/03/2006 21:22 <REP> Sandlot Shared

27/06/2006 19:32 <REP> Real

03/01/2007 11:40 <REP> MAGIX Shared

18/02/2007 18:41 <REP> BOONTY Shared

1 fichier(s) 278 528 octets

20 Rép(s) 156 295 004 160 octets libres

Le volume dans le lecteur C s'appelle ACER

Le numéro de série du volume est 320D-180E

 

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

 

22/03/2005 14:25 <REP> .

22/03/2005 14:25 <REP> ..

07/03/2001 07:00 127 033 MSOWS40c.DLL

03/06/1999 12:09 122 937 MSOWS409.DLL

13/02/2001 08:23 58 784 MSOSV.DLL

08/12/2005 10:05 <REP> 1036

08/12/2005 10:05 <REP> 1033

15/02/2001 05:45 1 318 912 MSONSEXT.DLL

22/01/2001 03:25 86 016 PKMWS.DLL

22/01/2001 03:25 24 576 PKMTRACE.DLL

06/08/2000 09:04 401 462 MSVCP60.DLL

22/01/2001 03:25 69 632 PKMAXCTL.DLL

22/01/2001 03:25 872 448 PKMCDO.DLL

22/01/2001 03:25 159 744 PKMCORE.DLL

07/02/2001 09:59 106 496 PKMFORMS.DLL

12/02/2001 04:03 684 032 PKMRES.DLL

22/01/2001 03:25 28 672 PKMSSTLB.DLL

22/01/2001 03:25 40 960 PKMTEMPL.DLL

22/01/2001 03:25 237 568 PROMDEMO.DLL

22/01/2001 03:25 184 320 SECMGR.DLL

22/01/2001 03:25 323 584 VAIDDMGR.DLL

22/01/2001 03:25 32 768 VAIMEM.DLL

18 fichier(s) 4 879 944 octets

4 Rép(s) 156 295 004 160 octets libres

Le volume dans le lecteur C s'appelle ACER

Le numéro de série du volume est 320D-180E

 

Répertoire de C:\

 

18/01/2007 23:19 126 976 zip.exe

11/11/2001 00:00 68 096 diff.exe

27/08/2006 14:10 103 424 grep.exe

24/05/2001 12:59 162 304 UNWISE.EXE

11/04/2007 11:52 9 358 xx1232255.exe

5 fichier(s) 470 158 octets

0 Rép(s) 156 295 004 160 octets libres

c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\Setup.exe

c:\Documents and Settings\marion\Local Settings\Temp\Install_Messenger.exe

c:\Documents and Settings\marion\Local Settings\Temp\Répertoire temporaire 1 pour killbox.zip\KillBox.exe

c:\Documents and Settings\marion\Mes documents\msgpluslive-411.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\fixwareout.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\sdfix.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\dumphive.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\GenericRenosFix.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\HostsChk.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\Process.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\Reboot.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\restart.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\SmiUpdate.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\SrchSTS.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swreg.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swsc.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\swxcacls.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\smitfraudfix\SmitfraudFix\unzip.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\clean\clean\pskill.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\killbox\KillBox.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\catchme.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\diff.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\dumphive.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\FilesInfoCmd.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\Fport.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\grep.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\LFiles.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\LISTDLLS.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\pslist.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\streams.exe

c:\Documents and Settings\marion\Mes documents\Marion DUNOYER\diaghelp\DiagHelp\swreg.exe

c:\Documents and Settings\marion\Mes documents\marion\install_messenger.exe

c:\Documents and Settings\marion\Mes documents\marion\wmencoder.exe

c:\Documents and Settings\marion\Bureau\emule0.47c-installer.exe

c:\Documents and Settings\marion\Bureau\picasaweb-current-setup.exe

c:\Documents and Settings\marion\Application Data\MSNInstaller\msnauins.exe

c:\Documents and Settings\marion\Application Data\WholeSecurity\CAT\WSUIEE.exe

c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\OPW9P26M\zaasSetup_65_737_000_fr[1].exe

c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\zgame4[1].exe

c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\zgame4[2].exe

c:\Documents and Settings\guillaume\Local Settings\Temporary Internet Files\Content.IE5\12CFO4NN\ztool4[1].exe

c:\Documents and Settings\guillaume\Mes documents\louvetain\rustbfix.exe

c:\Documents and Settings\guillaume\Mes documents\louvetain\SDFix.exe

c:\Documents and Settings\guillaume\Mes documents\louvetain\zaasSetup_65_737_000_fr.exe

c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\ATR1.EXE

c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\DH2005.exe

c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\DH2005Patch1_2.exe

c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\TrophyViewer.exe

c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\unins000.exe

c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\uninspro.exe

c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\WebLauncher.exe

c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\instmsia.exe

c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\instmsiw.exe

c:\Documents and Settings\guillaume\Mes documents\Deer Hunter 2005\Manual\Acrobat\setup.exe

c:\Documents and Settings\guillaume\Bureau\clean\pskill.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\dumphive.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\GenericRenosFix.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\Process.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\Reboot.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\restart.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\SmiUpdate.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\SrchSTS.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swreg.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swsc.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\swxcacls.exe

c:\Documents and Settings\guillaume\Bureau\SmitfraudFix\unzip.exe

c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll

c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll

c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll

c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\MyZylomExtension\MyZylomExtension.dll

c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomExtension\ZylomExtension.dll

c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\delicious.dll

c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Delicious\fr-FR\fmod.dll

c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomDeluxeInstaller\ZylomDeluxeInstaller.dll

c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Babel\fr-FR\babel.dll

c:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\Babel\fr-FR\fmod.dll

c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\_Setup.dll

c:\Documents and Settings\All Users\Application Data\Tarma Installer\{666A08DD-E48D-478E-B0BB-F5BEE24B2F18}\_Setupx.dll

c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

c:\Documents and Settings\marion\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVIP}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{0000278T-TT9K-T8DU-1KFV-23O5NTEJMVU6}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VVA}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VU0}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-83VE-238SHC0H2VVH}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG3-USK1-22JKKIT3EVV2}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG1-IB2C-219EDFQMGVVA}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{002AVPFP-JHLQ-ABE3-SM6K-20DE4GEHCVVJ}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVKO}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG5-V0BI-21QH2RV14VVR}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG6-LH31-23G9CBQV6VUC}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG2-LS5J-229F8D9V0VVC}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG2-FTST-22EV6QAI2VV1}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Identities\{000HQ7FF-AD7A-3FG7-9568-243JELPN2VVD}\xmlparse.dll

c:\Documents and Settings\marion\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll

 

and the Killbox report:

Pocket Killbox version 2.0.0.648

Running on Windows XP as marion(Administrator)

was started @ mardi, avril 17, 2007, 6:36 PM

 

Killbox Closed(Exit) @ 6:37:01 PM

__________________________________________________

 

Pocket Killbox version 2.0.0.648

Running on Windows XP as marion(Administrator)

was started @ mardi, avril 17, 2007, 6:37 PM

 

Killbox Closed(Exit) @ 6:37:31 PM

__________________________________________________

 

Pocket Killbox version 2.0.0.648

Running on Windows XP as marion(Administrator)

was started @ mardi, avril 17, 2007, 6:37 PM

 

# 1 [Delete on Reboot]

Path = C:\WINDOWS\System32\vexga4m1et4.exe

 

 

I Rebooted @ 6:39:52 PM

Killbox Closed(Exit) @ 6:39:54 PM

__________________________________________________

 

Pocket Killbox version 2.0.0.648

Running on Windows XP as marion(Administrator)

was started @ mardi, avril 17, 2007, 6:42 PM

Posted

Go to http://upload.malekal.com

Click Browse and select: C:\WINDOWS\updater.exe.bin

Click Send file.

Repeat for: C:\WINDOWS\updater.exe.tmp

In HijackThis, check this line:

 

O4 - HKLM\..\Run: [runner1] C:\WINDOWS\updater.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A

 

--> click Fix checked

Start menu / Run, type: cmd, then click OK.

Type each of these commands, pressing Enter after each one to confirm it:

 

gmer -killall

gmer -del service winmgmt590b-7eef

gmer -del reg "HKLM\SYSTEM\CurrentControlSet\Services\winmgmt590b-7eef"

gmer -del reg "HKLM\SYSTEM\ControlSet001\Services\winmgmt590b-7eef"

gmer -del reg "HKLM\SYSTEM\ControlSet002\Services\winmgmt590b-7eef"

gmer -del file "C:\WINDOWS\System32\vexg3am1et3.exe"

gmer -del file "C:\WINDOWS\System32\vexg4am1et2.exe"

gmer -del file "C:\WINDOWS\System32\cent.exe"

gmer -del file "C:\WINDOWS\System32\cszgj.exe"

gmer -del file "C:\WINDOWS\System32\cspqa.exe"

gmer -del file "c:\xx1232255.exe"

gmer -del file "C:\WINDOWS\updater.exe.tmp"

gmer -del file "C:\WINDOWS\updater.exe.bin"

gmer -del file "C:\WINDOWS\system32\windev-590b-7eef.sys"

gmer -del file "C:\WINDOWS\system32\windev-peers.ini"

gmer -reboot

 

The computer will restart.

Post a new HijackThis report.

____

Run DiagHelp again with option 1 and post the report here.
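The hidden service and files that catchme lists in the report are the items the gmer commands in the reply above remove. The following Python script is an added example, not part of the original thread and not code from DiagHelp, catchme or gmer: it parses the catchme section, checks the parsed items against the report's own totals, and lists any hidden item that no `gmer -del` command covers. The function names are hypothetical; the report excerpt and the three commands are copied from the thread.

```python
import re

# catchme section of the DiagHelp report, copied from the thread.
CATCHME_REPORT = r"""
scanning hidden processes ...
scanning hidden services ...
HKLM\SYSTEM\CurrentControlSet\Services\winmgmt590b-7eef
scanning hidden autostart entries ...
scanning hidden files ...
C:\WINDOWS\system32\windev-590b-7eef.sys 163840 bytes
C:\WINDOWS\system32\windev-peers.ini 32768 bytes
scan completed successfully
hidden processes: 0
hidden services: 1
hidden files: 2
"""

# The gmer commands from the reply that target the items catchme reported.
CLEANUP_COMMANDS = r"""
gmer -del service winmgmt590b-7eef
gmer -del file "C:\WINDOWS\system32\windev-590b-7eef.sys"
gmer -del file "C:\WINDOWS\system32\windev-peers.ini"
"""

SECTION = re.compile(r"^scanning hidden (.+?) \.\.\.$")
SUMMARY = re.compile(r"^hidden (.+?): (\d+)$")
SIZE = re.compile(r"\s+\d+ bytes$")
DEL_CMD = re.compile(r'^gmer -del (service|file) "?(.+?)"?$')

def parse_catchme(text):
    """Return (findings per section, summary counts) from a catchme report."""
    findings, summary, current = {}, {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        section, total = SECTION.match(line), SUMMARY.match(line)
        if section:
            current = section.group(1)
            findings[current] = []
        elif total:
            summary[total.group(1)] = int(total.group(2))
        elif line.startswith("scan completed"):
            current = None
        elif line and current is not None:
            # A finding; drop the trailing size that catchme prints for files.
            findings[current].append(SIZE.sub("", line))
    return findings, summary

def count_mismatches(findings, summary):
    """Sections whose parsed item count differs from the report's own total."""
    return {name: (len(findings.get(name, [])), total)
            for name, total in summary.items()
            if len(findings.get(name, [])) != total}

def uncovered(findings, commands):
    """Hidden services and files that no 'gmer -del' command removes."""
    targets = {(m.group(1), m.group(2).lower())
               for m in map(DEL_CMD.match, map(str.strip, commands.splitlines())) if m}
    missing = []
    for key in findings.get("services", []):
        # The service name is the last component of its registry key.
        if ("service", key.rsplit("\\", 1)[-1].lower()) not in targets:
            missing.append(key)
    for path in findings.get("files", []):
        if ("file", path.lower()) not in targets:
            missing.append(path)
    return missing

if __name__ == "__main__":
    found, totals = parse_catchme(CATCHME_REPORT)
    print(count_mismatches(found, totals), uncovered(found, CLEANUP_COMMANDS))
```

Running the same check on the catchme section of the follow-up report shows whether any hidden item is still present after the reboot.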
