
Posted

My computer is getting slower and slower... :P OK, it's true that it's full of stuff, but even after burning a lot of it to disc...

it's still slow, and there are often ad pop-ups, even though I use Crazy Browser with a pop-up killer...

:P I also have several programs that I can't remove from my computer because the file is corrupted... so here is my list of files followed by the HijackThis report... THANK YOU SO MUCH FOR YOUR HELP... :P

----------------------------

List of programs:

Avisynth 2.5
CloneCD
DivxToDVD 0.5.2
Guitar Pro 4.0.7
InCD

---------------------------

Logfile of HijackThis v1.99.1

Scan saved at 10:47:36, on 2007-10-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

C:\Program Files\Crazy Browser\Crazy Browser.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\HIJACKTHIS VF\hijackthis vf.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.distributel.net/distributel-portail_fr.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.distributel.net/distributel-portail_fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.sympatico.msn.ca/spbasic.htm...1&mkt=fr-CA

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/?mkt=fr-CA

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.distributel.net/distributel-portail_fr

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.distributel.net/distributel-portail_fr.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.ca/ig/dell?hl=fr&client=dell-row&channel=ca&ibd=0060928

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.ca/ig/dell?hl=fr&cli...amp;ibd=0060928

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Distributel

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {00379D1C-7135-49FB-99C1-46A8AC7452D1} - (no file)

O2 - BHO: (no name) - {1B8EC253-83A5-4318-A93E-C81CAB8C6E0A} - (no file)

O2 - BHO: (no name) - {38B1BD4B-FDE7-4B21-8F34-732C33C1B1BE} - (no file)

O2 - BHO: (no name) - {3C3F38FA-A11E-80BB-4F63-828DB027D5BF} - (no file)

O2 - BHO: (no name) - {42E72255-1A37-4664-B804-76312F3E867D} - (no file)

O2 - BHO: (no name) - {4B2DF45D-9466-48D7-9919-38124FD38FCa} - C:\WINDOWS\system32\qcsrygux.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {64F45146-E218-4B8D-96B4-1099D4F29E55} - (no file)

O2 - BHO: (no name) - {7ABAD65C-2CF6-4DFF-AF59-0518D96AACA8} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {849B7C72-CAF5-476F-9A68-578610E2FCEd} - C:\WINDOWS\system32\qcsrygux.dll

O2 - BHO: (no name) - {8DEB4E01-5C8F-49B5-B287-283D582695D1} - (no file)

O2 - BHO: (no name) - {90C8890D-3DC8-49A5-BDDF-6CFF74FE9B77} - (no file)

O2 - BHO: (no name) - {B355C91C-918A-4640-9965-17B3F083E1D7} - (no file)

O2 - BHO: (no name) - {C0E02178-39A7-47D8-946D-73164C051D28} - (no file)

O2 - BHO: (no name) - {C66B8CA0-08B2-45F7-B0C5-7CF8D0E6D19a} - C:\WINDOWS\system32\qcsrygux.dll

O2 - BHO: (no name) - {D658DE10-D2DE-49F9-8997-29E6142F1A3A} - (no file)

O2 - BHO: (no name) - {E2CE7EC8-E3E6-4542-9FFB-70FCC8D570F5} - (no file)

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O2 - BHO: (no name) - {EEC95489-843E-48F7-863A-DDF92756A028} - C:\WINDOWS\system32\ddabc.dll (file missing)

O2 - BHO: (no name) - {F6445123-9EDE-4A69-BC80-CAE1BE6BBA45} - (no file)

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [searchIndexer] rundll32.exe "C:\WINDOWS\system32\kvmegqdx.dll",sitypnow

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - HKCU\..\Run: [LphantAutoRun] C:\Program Files\lphant\eLePhantClient.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106w.bay106.mail.live.com/mail/re...es/MsnPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1161357769531

O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/...loadcontrol.cab

O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://webgames.d.tmsrv.com/c=b944d0fa907f...sh.1.0.0.58.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://games.pogo.com/online2/pogo/bejewel...aploader_v6.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{6EDD0899-9C1A-4E49-8DD5-B6190C8DE0FB}: NameServer = 206.80.254.4,206.80.254.68

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: cbxywxw - cbxywxw.dll (file missing)

O20 - Winlogon Notify: ddabc - C:\WINDOWS\system32\ddabc.dll (file missing)

O20 - Winlogon Notify: ddaya - C:\WINDOWS\system32\ddaya.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Unknown owner - C:\Program Files\Sygate\SPF\Smc.exe (file missing)

Posted

Hi,

You are infected.

Relaunch HijackThis and check these lines:

O2 - BHO: (no name) - {00379D1C-7135-49FB-99C1-46A8AC7452D1} - (no file)

O2 - BHO: (no name) - {1B8EC253-83A5-4318-A93E-C81CAB8C6E0A} - (no file)

O2 - BHO: (no name) - {38B1BD4B-FDE7-4B21-8F34-732C33C1B1BE} - (no file)

O2 - BHO: (no name) - {3C3F38FA-A11E-80BB-4F63-828DB027D5BF} - (no file)

O2 - BHO: (no name) - {42E72255-1A37-4664-B804-76312F3E867D} - (no file)

O2 - BHO: (no name) - {4B2DF45D-9466-48D7-9919-38124FD38FCa} - C:\WINDOWS\system32\qcsrygux.dll

O2 - BHO: (no name) - {64F45146-E218-4B8D-96B4-1099D4F29E55} - (no file)

O2 - BHO: (no name) - {7ABAD65C-2CF6-4DFF-AF59-0518D96AACA8} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {849B7C72-CAF5-476F-9A68-578610E2FCEd} - C:\WINDOWS\system32\qcsrygux.dll

O2 - BHO: (no name) - {8DEB4E01-5C8F-49B5-B287-283D582695D1} - (no file)

O2 - BHO: (no name) - {90C8890D-3DC8-49A5-BDDF-6CFF74FE9B77} - (no file)

O2 - BHO: (no name) - {B355C91C-918A-4640-9965-17B3F083E1D7} - (no file)

O2 - BHO: (no name) - {C0E02178-39A7-47D8-946D-73164C051D28} - (no file)

O2 - BHO: (no name) - {C66B8CA0-08B2-45F7-B0C5-7CF8D0E6D19a} - C:\WINDOWS\system32\qcsrygux.dll

O2 - BHO: (no name) - {D658DE10-D2DE-49F9-8997-29E6142F1A3A} - (no file)

O2 - BHO: (no name) - {E2CE7EC8-E3E6-4542-9FFB-70FCC8D570F5} - (no file)

O2 - BHO: (no name) - {EEC95489-843E-48F7-863A-DDF92756A028} - C:\WINDOWS\system32\ddabc.dll (file missing)

O2 - BHO: (no name) - {F6445123-9EDE-4A69-BC80-CAE1BE6BBA45} - (no file)

O4 - HKLM\..\Run: [searchIndexer] rundll32.exe "C:\WINDOWS\system32\kvmegqdx.dll",sitypnow

O20 - Winlogon Notify: cbxywxw - cbxywxw.dll (file missing)

O20 - Winlogon Notify: ddabc - C:\WINDOWS\system32\ddabc.dll (file missing)

O20 - Winlogon Notify: ddaya - C:\WINDOWS\system32\ddaya.dll (file missing)

 

--> click on Fix checked

Download ComboFix (by sUBs): combofix.exe

and save it to your desktop and nowhere else!

Double-click on combofix. It will ask you a question; answer by pressing the 1 key, then Enter to confirm.

Wait until ComboFix has finished; a report will be created. Post the report.

Copy/paste a new HijackThis report along with it.
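
The kind of selection made in the post above can be approximated mechanically when triaging a HijackThis log. The following is an added example, not part of the original thread and not the helper's own method: the three heuristics (unnamed BHO, autorun that loads a DLL through rundll32, Winlogon Notify entry whose DLL is absent) are assumptions that produce triage hints rather than verdicts, and the sample lines are copied from the log posted in this thread.

```python
import re

# Excerpt of the HijackThis log posted in this thread (lines copied verbatim).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {00379D1C-7135-49FB-99C1-46A8AC7452D1} - (no file)
O2 - BHO: (no name) - {4B2DF45D-9466-48D7-9919-38124FD38FCa} - C:\WINDOWS\system32\qcsrygux.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [searchIndexer] rundll32.exe "C:\WINDOWS\system32\kvmegqdx.dll",sitypnow
O20 - Winlogon Notify: ddabc - C:\WINDOWS\system32\ddabc.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
"""

# "<section code> - <body>", e.g. "O2 - BHO: ..." or "R1 - HKCU\...".
ENTRY = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# O2: Browser Helper Object = name, CLSID, DLL path (or a placeholder).
BHO = re.compile(
    r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)
# O4: registry autorun = hive\..\key: [value name] command line.
RUN = re.compile(
    r"^(?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$"
)
# O20: Winlogon Notify = subkey name and the DLL it loads at logon.
NOTIFY = re.compile(r"^Winlogon Notify: (?P<name>\S+) - (?P<target>.+)$")
# HijackThis marks a registry entry whose file is not on disk this way.
MISSING = re.compile(r"\((?:no file|file missing)\)$")
RUNDLL = re.compile(r'(?i)^"?rundll32(\.exe)?"?\s')


def parse_entries(log_text):
    """Yield (code, body) for each entry line; process paths and headers are skipped."""
    for raw in log_text.splitlines():
        match = ENTRY.match(raw.strip())
        if match:
            yield match.group("code"), match.group("body")


def reasons_for(code, body):
    """Return the list of heuristic reasons (assumed rules) that apply to one entry."""
    reasons = []
    if code == "O2":
        match = BHO.match(body)
        if match:
            if match.group("name") == "(no name)":
                reasons.append("unnamed BHO")
            if MISSING.search(match.group("target")):
                reasons.append("target file absent")
    elif code == "O4":
        match = RUN.match(body)
        if match and RUNDLL.match(match.group("cmd")):
            reasons.append("autorun loads a DLL through rundll32")
    elif code == "O20":
        match = NOTIFY.match(body)
        if match and MISSING.search(match.group("target")):
            reasons.append("Winlogon Notify DLL absent")
    return reasons


def triage(log_text):
    """Return [(entry line, [reasons])] for entries that match at least one rule."""
    flagged = []
    for code, body in parse_entries(log_text):
        reasons = reasons_for(code, body)
        if reasons:
            flagged.append((f"{code} - {body}", reasons))
    return flagged


if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG):
        print(f"[{'; '.join(reasons)}] {line}")
```

On this excerpt the rules flag the two unnamed BHOs, the `searchIndexer` autorun and the `ddabc` Notify entry, and leave the Spybot, FlashFXP, AVG, WgaLogon and InCD lines alone.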

Posted (edited)

OK, off to a good start: these three lines are impossible to delete, that's what HijackThis says

but yet in the new report they are no longer there

O20 - Winlogon Notify: cbxywxw - cbxywxw.dll (file missing)

O20 - Winlogon Notify: ddabc - C:\WINDOWS\system32\ddabc.dll (file missing)

O20 - Winlogon Notify: ddaya - C:\WINDOWS\system32\ddaya.dll (file missing)

......

then a fatal error occurred for combofix.exe

c:\WINDOWS\regedit.exe is missing.

Copy it from another machine...

-----------

Logfile of HijackThis v1.99.1

Scan saved at 11:26:45, on 2007-10-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

C:\Program Files\Crazy Browser\Crazy Browser.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\HIJACKTHIS VF\hijackthis vf.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.distributel.net/distributel-portail_fr.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.distributel.net/distributel-portail_fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.sympatico.msn.ca/spbasic.htm...1&mkt=fr-CA

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/?mkt=fr-CA

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.distributel.net/distributel-portail_fr

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.distributel.net/distributel-portail_fr.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.ca/ig/dell?hl=fr&client=dell-row&channel=ca&ibd=0060928

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.ca/ig/dell?hl=fr&cli...amp;ibd=0060928

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Distributel

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [searchIndexer] rundll32.exe "C:\WINDOWS\system32\kvmegqdx.dll",sitypnow

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - HKCU\..\Run: [LphantAutoRun] C:\Program Files\lphant\eLePhantClient.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106w.bay106.mail.live.com/mail/re...es/MsnPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1161357769531

O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/...loadcontrol.cab

O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://webgames.d.tmsrv.com/c=b944d0fa907f...sh.1.0.0.58.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://games.pogo.com/online2/pogo/bejewel...aploader_v6.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{6EDD0899-9C1A-4E49-8DD5-B6190C8DE0FB}: NameServer = 206.80.254.4,206.80.254.68

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Unknown owner - C:\Program Files\Sygate\SPF\Smc.exe (file missing)

Edited by xPUNK84x
Posted
First the ComboFix report, then HijackThis..

COMBOFIX doesn't work... when I try to open it, here is what it tells me

----

then a fatal error occurred for combofix.exe

c:\WINDOWS\regedit.exe is missing.

Copy it from another machine...

-----

Posted

Whoa.. that's not normal :P

Copy the regedit.exe file from the other PC into the Windows folder of the one where it is missing, and try Combofix again.

And a quick Start menu / Run, then type: sfc /scannow and click OK.

Posted
Whoa.. that's not normal :P

Copy the regedit.exe file from the other PC into the Windows folder of the one where it is missing, and try Combofix again.

And a quick Start menu / Run, then type: sfc /scannow and click OK.

OK, I'm willing, but I don't have a second PC lollllll

Posted
I've put it here for you: http://www2.malekal.com/download/regedit.exe

I hope you don't have a cracked Windows...

Do the sfc /scannow step, then try ComboFix again..

So, the ComboFix report:

 

ComboFix 07-10-28.2 - xERIC22x 2007-10-28 12:40:29.1 - NTFSx86

Running from: C:\Documents and Settings\xERIC22x\Bureau\ComboFix.exe

* Created a new restore point

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Documents and Settings\All Users\Application Data.\salesmonitor

C:\Documents and Settings\All Users\Application Data\SystemDoctor Free

C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\Abbr

C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ActivationCode

C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\HOURS

C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ProductCode

C:\Documents and Settings\xERIC22x\Application Data\inst.exe

C:\Documents and Settings\xERIC22x\Bureau\Find Spyware Remover.lnk

C:\Program Files\asembl~1

C:\Program Files\asembl~1\a?sembly\

C:\Program Files\download plugin

C:\Program Files\Fichiers communs\{EC18C~1

C:\Program Files\Fichiers communs\SystemDoctor

C:\Program Files\Fichiers communs\SystemDoctor\err.log

C:\Program Files\fnts~1

C:\Program Files\outlook

C:\Program Files\winupdates

C:\WINDOWS\cookies.ini

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58


C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\arial.mvec

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\komikaaxis.mvec

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt2top.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt4top.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_off.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on1.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on2.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdown.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdownon.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowleft.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowlefton.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowright.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowrighton.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowupon.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\p1icon.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\textedit.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\title.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_a.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_b.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_c.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_a.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_b.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_c.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_d.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_a.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_b.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_c.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_d.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fifth_level_diner.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\first_level_diner.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fourth_level_diner.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\second_level_diner.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\playfirst_logo.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\background.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames\upgrade_0001.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\upgrades.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\tableshadow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\choosedifficulty.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooseplayer.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooserestaurant.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\credits.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\game.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\gothighscore.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help2.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscore.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoreinfo.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoresubmit.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelintro.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelover.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\loading.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainloop.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainmenu.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\ok.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\pause.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\style.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\tutorialintro.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upgrade.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upsell.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\webcomic.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\yesno.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\gamelabsplash.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\playfirst_logo.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\strings.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\check.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\checkmark.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\clock.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closed.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closingtime.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\dollar.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\coffee.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\tables.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\wallpaper.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expert.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expertscore.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\fork_timer.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\goalcompleted.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level_career.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\score.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\sound.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staroff.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staron.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumber.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumberup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\traynumber.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorial_character.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialarrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialbox.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\drinks.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\maitred.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\oven.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\select.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\shoes.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\stereo.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\table.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\dinerdash.exe


 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

 

.

-------\LEGACY_DOMAINSERVICE

-------\LEGACY_FOPN

 

 

((((((((((((((((((((((((((((( Fichiers créés 2007-09-28 to 2007-10-28 ))))))))))))))))))))))))))))))))))))

.

 

2007-10-28 12:38 153,088 --a------ C:\WINDOWS\regedit.exe

2007-10-28 11:21 51,200 --a------ C:\WINDOWS\NirCmd.exe

2007-10-22 13:52 <REP> d-------- C:\Program Files\CFWebAdvancedU

2007-10-22 13:52 <REP> d-------- C:\Documents and Settings\xERIC22x\Application Data\CamfrogWEB

2007-10-21 16:53 <REP> d-------- C:\Program Files\Web TV

2007-10-09 22:13 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-10-28 16:26 --------- d-----w C:\Program Files\HIJACKTHIS VF

2007-10-28 15:36 --------- d-----w C:\Documents and Settings\xERIC22x\Application Data\AVG7

2007-10-27 13:57 --------- d-----w C:\Program Files\mIRC

2007-10-27 13:55 --------- d-----w C:\Program Files\FairUse Wizard 2

2007-10-24 18:00 --------- d-----w C:\Program Files\FlashFXP

2007-10-22 17:49 2,158 ----a-w C:\Documents and Settings\xERIC22x\Application Data\wklnhst.dat

2007-10-21 23:59 --------- d-----w C:\Documents and Settings\Melanie\Application Data\AVG7

2007-09-25 00:21 4,864 ----a-w C:\Documents and Settings\Melanie\Application Data\wklnhst.dat

2007-09-24 21:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2007-09-24 00:41 --------- d-----w C:\Documents and Settings\xERIC22x\Application Data\Corel

2007-09-23 13:01 --------- d-----w C:\Documents and Settings\Pauline\Application Data\AVG7

2007-09-18 17:32 --------- d-----w C:\Program Files\yjwlajwz

2007-09-15 13:55 --------- d-----w C:\Program Files\Microsoft Games

2007-09-06 09:57 --------- d-----w C:\Program Files\Fichiers communs\Corel

2007-09-06 09:57 --------- d-----w C:\Documents and Settings\Melanie\Application Data\Corel

2007-09-06 09:54 --------- d-----w C:\Program Files\Corel

2007-09-06 06:11 --------- d-----w C:\Program Files\IncrediMail

2007-09-06 06:08 --------- d-----w C:\Program Files\eMule

2007-09-06 02:06 --------- d-----w C:\Program Files\Common Files

2007-09-05 15:32 35,872 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat

2007-09-05 15:32 3,428 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx

2007-09-05 15:32 3,053,600 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat

2007-09-05 15:32 21,008 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx

2007-09-05 02:06 --------- d-----w C:\Documents and Settings\xERIC22x\Application Data\MailFrontier

2007-09-04 21:48 --------- d-----w C:\Program Files\vmntoolbar

2007-09-04 21:48 --------- d-----w C:\Program Files\STK013

2007-09-04 17:34 512 ----a-w C:\ScanSectorLog.dat

2007-09-04 06:02 --------- d-----w C:\Documents and Settings\Melanie\Application Data\MailFrontier

2007-09-04 02:18 --------- d-----w C:\Program Files\MSXML 4.0

2007-09-03 16:37 --------- d-----w C:\Program Files\MSN Messenger

2007-09-03 07:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

2007-09-02 21:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7

2007-09-02 21:37 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7

2007-09-02 21:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft

2007-09-02 05:13 --------- d-----w C:\Program Files\lphant

2007-09-01 19:45 --------- d-----w C:\Documents and Settings\Pauline\Application Data\Talkback

2007-09-01 15:33 --------- d-----w C:\Program Files\Qualcomm

2007-08-28 19:45 --------- d-----w C:\Documents and Settings\xERIC22x\Application Data\dvdcss

2007-06-30 18:18 81,920 ----a-w C:\Documents and Settings\xERIC22x\Application Data\ezpinst.exe

2007-06-30 18:18 47,360 ----a-w C:\Documents and Settings\xERIC22x\Application Data\pcouffin.sys

2001-07-13 02:57 0 ---ha-r C:\Program Files\EBUSetup.sem

2006-10-22 01:22:39 8 --sh--r C:\WINDOWS\system32\934A99F471.sys

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00379D1C-7135-49FB-99C1-46A8AC7452D1}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1B8EC253-83A5-4318-A93E-C81CAB8C6E0A}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{38B1BD4B-FDE7-4B21-8F34-732C33C1B1BE}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3C3F38FA-A11E-80BB-4F63-828DB027D5BF}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{42E72255-1A37-4664-B804-76312F3E867D}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4B2DF45D-9466-48D7-9919-38124FD38FCa}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{64F45146-E218-4B8D-96B4-1099D4F29E55}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7ABAD65C-2CF6-4DFF-AF59-0518D96AACA8}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{849B7C72-CAF5-476F-9A68-578610E2FCEd}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8DEB4E01-5C8F-49B5-B287-283D582695D1}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{90C8890D-3DC8-49A5-BDDF-6CFF74FE9B77}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B355C91C-918A-4640-9965-17B3F083E1D7}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C0E02178-39A7-47D8-946D-73164C051D28}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C66B8CA0-08B2-45F7-B0C5-7CF8D0E6D19a}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D658DE10-D2DE-49F9-8997-29E6142F1A3A}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E2CE7EC8-E3E6-4542-9FFB-70FCC8D570F5}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEC95489-843E-48F7-863A-DDF92756A028}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F6445123-9EDE-4A69-BC80-CAE1BE6BBA45}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-23 09:02]

"SearchIndexer"="C:\WINDOWS\system32\kvmegqdx.dll" []

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]

"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-11-19 20:37]

"LphantAutoRun"="C:\Program Files\lphant\eLePhantClient.exe" [2007-06-22 11:21]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

 

C:\Documents and Settings\xERIC22x\Menu Démarrer\Programmes\Démarrage\

wkcalrem.LNK - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2006-06-05 01:53:24]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Digital Line Detect.lnk]

path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Line Detect.lnk

backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^STK013 PNP Monitor.lnk]

path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\STK013 PNP Monitor.lnk

backup=C:\WINDOWS\pss\STK013 PNP Monitor.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Melanie^Menu Démarrer^Programmes^Démarrage^WkCalRem.LNK]

path=C:\Documents and Settings\Melanie\Menu Démarrer\Programmes\Démarrage\WkCalRem.LNK

backup=C:\WINDOWS\pss\WkCalRem.LNKStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avp]

C:\WINDOWS\TEMP\winFA.tmp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]

"C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Conjugaison]

C:\Documents and Settings\Melanie\Mes documents\conjLauncher.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

C:\WINDOWS\system32\ctfmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GPLv3]

rundll32.exe "C:\WINDOWS\system32\klmtsajp.dll",realset

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

C:\WINDOWS\system32\hkcmd.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

C:\WINDOWS\system32\igfxtray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]

C:\Program Files\Ahead\InCD\InCD.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

%systemroot%\system32\dumprep 0 -k

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LphantAutoRun]

C:\Program Files\lphant\eLePhantClient.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

C:\WINDOWS\system32\igfxpers.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\qttask.exe" -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\smgr]

mgrs.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

C:\Program Files\Analog Devices\Core\smax4pnp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Client]

"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

 

S3 ASPI;Advanced SCSI Programming Interface Driver;\??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys

S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"

S3 DCamUSBSTK013;STK013 Camera;C:\WINDOWS\system32\DRIVERS\STK013W2.sys

S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

S4 binconf;FireDaemon Service: binconf;C:\WINNT\system32\directx\asp\mech\FireDaemon.EXE

S4 windll64;FireDaemon Service: windll64;C:\WINNT\system32\directx\asp\mech\FireDaemon.EXE

 

.

**************************************************************************

 

catchme 0.3.1239 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-10-28 12:51:35

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2007-10-28 12:55:07 - machine was rebooted

.

--- E O F ---

 

 

 

report: hijackthis

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 12:55:47, on 2007-10-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\cmd.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\HIJACKTHIS VF\hijackthis vf.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.distributel.net/distributel-portail_fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/?mkt=fr-CA

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.distributel.net/distributel-portail_fr

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.distributel.net/distributel-portail_fr.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.ca/ig/dell?hl=fr&client=dell-row&channel=ca&ibd=0060928

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.ca/ig/dell?hl=fr&cli...amp;ibd=0060928

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {00379D1C-7135-49FB-99C1-46A8AC7452D1} - (no file)

O2 - BHO: (no name) - {1B8EC253-83A5-4318-A93E-C81CAB8C6E0A} - (no file)

O2 - BHO: (no name) - {38B1BD4B-FDE7-4B21-8F34-732C33C1B1BE} - (no file)

O2 - BHO: (no name) - {3C3F38FA-A11E-80BB-4F63-828DB027D5BF} - (no file)

O2 - BHO: (no name) - {42E72255-1A37-4664-B804-76312F3E867D} - (no file)

O2 - BHO: (no name) - {4B2DF45D-9466-48D7-9919-38124FD38FCa} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)

O2 - BHO: (no name) - {64F45146-E218-4B8D-96B4-1099D4F29E55} - (no file)

O2 - BHO: (no name) - {7ABAD65C-2CF6-4DFF-AF59-0518D96AACA8} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {849B7C72-CAF5-476F-9A68-578610E2FCEd} - (no file)

O2 - BHO: (no name) - {8DEB4E01-5C8F-49B5-B287-283D582695D1} - (no file)

O2 - BHO: (no name) - {90C8890D-3DC8-49A5-BDDF-6CFF74FE9B77} - (no file)

O2 - BHO: (no name) - {B355C91C-918A-4640-9965-17B3F083E1D7} - (no file)

O2 - BHO: (no name) - {C0E02178-39A7-47D8-946D-73164C051D28} - (no file)

O2 - BHO: (no name) - {C66B8CA0-08B2-45F7-B0C5-7CF8D0E6D19a} - (no file)

O2 - BHO: (no name) - {D658DE10-D2DE-49F9-8997-29E6142F1A3A} - (no file)

O2 - BHO: (no name) - {E2CE7EC8-E3E6-4542-9FFB-70FCC8D570F5} - (no file)

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O2 - BHO: (no name) - {EEC95489-843E-48F7-863A-DDF92756A028} - (no file)

O2 - BHO: (no name) - {F6445123-9EDE-4A69-BC80-CAE1BE6BBA45} - (no file)

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [searchIndexer] rundll32.exe "C:\WINDOWS\system32\kvmegqdx.dll",sitypnow

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - HKCU\..\Run: [LphantAutoRun] C:\Program Files\lphant\eLePhantClient.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106w.bay106.mail.live.com/mail/re...es/MsnPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1161357769531

O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/...loadcontrol.cab

O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://webgames.d.tmsrv.com/c=b944d0fa907f...sh.1.0.0.58.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://games.pogo.com/online2/pogo/bejewel...aploader_v6.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{6EDD0899-9C1A-4E49-8DD5-B6190C8DE0FB}: NameServer = 206.80.254.4,206.80.254.68

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Unknown owner - C:\Program Files\Sygate\SPF\Smc.exe (file missing)

O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)

Posted

Run HijackThis again and check these lines:

 

O2 - BHO: (no name) - {00379D1C-7135-49FB-99C1-46A8AC7452D1} - (no file)

O2 - BHO: (no name) - {1B8EC253-83A5-4318-A93E-C81CAB8C6E0A} - (no file)

O2 - BHO: (no name) - {38B1BD4B-FDE7-4B21-8F34-732C33C1B1BE} - (no file)

O2 - BHO: (no name) - {3C3F38FA-A11E-80BB-4F63-828DB027D5BF} - (no file)

O2 - BHO: (no name) - {42E72255-1A37-4664-B804-76312F3E867D} - (no file)

O2 - BHO: (no name) - {4B2DF45D-9466-48D7-9919-38124FD38FCa} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)

O2 - BHO: (no name) - {64F45146-E218-4B8D-96B4-1099D4F29E55} - (no file)

O2 - BHO: (no name) - {7ABAD65C-2CF6-4DFF-AF59-0518D96AACA8} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {849B7C72-CAF5-476F-9A68-578610E2FCEd} - (no file)

O2 - BHO: (no name) - {8DEB4E01-5C8F-49B5-B287-283D582695D1} - (no file)

O2 - BHO: (no name) - {90C8890D-3DC8-49A5-BDDF-6CFF74FE9B77} - (no file)

O2 - BHO: (no name) - {B355C91C-918A-4640-9965-17B3F083E1D7} - (no file)

O2 - BHO: (no name) - {C0E02178-39A7-47D8-946D-73164C051D28} - (no file)

O2 - BHO: (no name) - {C66B8CA0-08B2-45F7-B0C5-7CF8D0E6D19a} - (no file)

O2 - BHO: (no name) - {D658DE10-D2DE-49F9-8997-29E6142F1A3A} - (no file)

O2 - BHO: (no name) - {E2CE7EC8-E3E6-4542-9FFB-70FCC8D570F5} - (no file)

O2 - BHO: (no name) - {EEC95489-843E-48F7-863A-DDF92756A028} - (no file)

O2 - BHO: (no name) - {F6445123-9EDE-4A69-BC80-CAE1BE6BBA45} - (no file)

O4 - HKLM\..\Run: [searchIndexer] rundll32.exe "C:\WINDOWS\system32\kvmegqdx.dll",sitypnow

 

--> click "Fix checked"

-- Open My Computer

-- Click the Tools menu at the top right, then Folder Options

-- In the new window, click the View tab at the top

-- In the list, check "Show hidden files"

-- Uncheck "Hide protected operating system files (Recommended)"

-- You will get a message telling you that this can damage the system; ignore it.

Delete these files/folders

C:\Program Files\yjwlajwz

 

 

 

Open Internet Explorer --> Tools --> Internet Options --> "Security" tab --> confirm "Default level".

Still in Internet Explorer --> Tools --> Internet Options --> "Advanced" tab --> confirm "Default settings".

To run the scans, disable your antivirus, protection software and any software that can block pop-ups (Google toolbar, Yahoo toolbar, etc.).

Online scan with Kaspersky:

- Run an online scan with Kaspersky using Internet Explorer and not Firefox, which won't work!

- If you are lost, you can follow this guide for online scans

- When choosing the target to scan, click the Scan settings button

- In the new window, check Extended in the middle, then click OK.

- Choose My Computer as the target to scan

- Copy/paste the scan report here

Note: If you get the message "The Kaspersky On-line Scanner licence has expired", go to Add/Remove Programs and uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.

If the scan with Kaspersky does not work, you can run an online scan with Panda:

- Run a scan with Panda, disabling your antivirus during the scan!

(If you are lost, you can follow this guide for online scans)

- Copy/paste the Panda report here

Post a new HijackThis report.
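Added example, not part of the thread: a Python sketch that parses a HijackThis log and picks out the two kinds of entry the reply above asks to fix, O2 BHO registrations whose file is reported as `(no file)` and O4 Run values that load a DLL through rundll32.exe. The two selection rules are an assumption inferred from what the listed lines have in common, and the function names are hypothetical; the sample lines are an excerpt of the log posted above.

```python
import re

# Excerpt of the HijackThis log posted in this thread (not the full log).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {00379D1C-7135-49FB-99C1-46A8AC7452D1} - (no file)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: (no name) - {F6445123-9EDE-4A69-BC80-CAE1BE6BBA45} - (no file)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [searchIndexer] rundll32.exe "C:\WINDOWS\system32\kvmegqdx.dll",sitypnow
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
"""

# "<section> - <body>", e.g. "O2 - BHO: ..." or "R1 - HKCU\...".
ENTRY = re.compile(r"^(?P<section>[ORF]\d+)\s+-\s+(?P<body>.+)$")
# "BHO: <name> - {CLSID} - <file or (no file)>"
BHO = re.compile(r"^BHO:\s*(?P<name>.*?)\s+-\s+(?P<clsid>\{[0-9A-Fa-f-]{36}\})\s+-\s+(?P<target>.+)$")
# "HKLM\..\Run: [value name] command line"
RUN = re.compile(r"^(?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>Run\w*):\s*\[(?P<value>[^\]]+)\]\s*(?P<cmd>.+)$")
# Command line whose executable is rundll32, with or without a path or quotes.
RUNDLL = re.compile(r'^"?(\S*\\)?rundll32(\.exe)?"?\s', re.IGNORECASE)


def parse(log):
    """Yield (section, body) for each entry line; headers, process paths and blanks are skipped."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m["section"], m["body"]


def triage(log):
    """Return (kind, identifier) pairs for orphaned BHOs and rundll32 autoruns (assumed rules)."""
    findings = []
    for section, body in parse(log):
        if section == "O2":
            m = BHO.match(body)
            # The BHO is still registered for Internet Explorer but its DLL is gone.
            if m and m["target"].strip().lower() == "(no file)":
                findings.append(("orphan_bho", m["clsid"].upper()))
        elif section == "O4":
            m = RUN.match(body)
            # Autorun value that loads a DLL via rundll32 instead of starting an EXE.
            if m and RUNDLL.match(m["cmd"]):
                findings.append(("rundll32_autorun", m["value"]))
    return findings


if __name__ == "__main__":
    for kind, ident in triage(SAMPLE_LOG):
        print(kind, ident)
```

The FlashFXP BHO, the AVG7_CC Run value and the O23 service line are parsed but not selected, matching the lines left unchecked in the reply.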
