
Infection: need help removing it



So here is the ComboFix report (I'm going to post it in two parts):

 

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.380 [GMT 2:00]

Endroit: C:\Documents and Settings\kiki\Bureau\ComboFix.exe

* Création d'un nouveau point de restauration

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Documents and Settings\kiki\Local Settings\Application Data\fwjoxso.dat

C:\Documents and Settings\kiki\Local Settings\Application Data\fwjoxso.exe

C:\Documents and Settings\kiki\Local Settings\Application Data\fwjoxso_nav.dat

C:\Documents and Settings\kiki\Local Settings\Application Data\fwjoxso_navps.dat

C:\Program Files\Inet Delivery

C:\Program Files\Inet Delivery\inetdl.exe

C:\Program Files\Inet Delivery\intdel.exe

C:\WINDOWS\a.bat

C:\WINDOWS\base64.tmp

C:\WINDOWS\bdn.com

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.80


C:\WINDOWS\FVProtect.exe

C:\WINDOWS\iTunesMusic.exe

C:\WINDOWS\mslagent

C:\WINDOWS\mslagent\2_mslagent.dll

C:\WINDOWS\mslagent\mslagent.exe

C:\WINDOWS\mslagent\uninstall.exe

C:\WINDOWS\mssecu.exe

C:\WINDOWS\pack.epk

C:\WINDOWS\system32\akttzn.exe

C:\WINDOWS\system32\anticipator.dll

C:\WINDOWS\system32\awtoolb.dll

C:\WINDOWS\system32\bdn.com

C:\WINDOWS\system32\bsva-egihsg52.exe

C:\WINDOWS\system32\dpcproxy.exe

C:\WINDOWS\system32\emesx.dll

C:\WINDOWS\system32\h@tkeysh@@k.dll

C:\WINDOWS\system32\hoproxy.dll

C:\WINDOWS\system32\hxiwlgpm.dat

C:\WINDOWS\system32\hxiwlgpm.exe

C:\WINDOWS\system32\LnXIlnmp.ini

C:\WINDOWS\system32\LnXIlnmp.ini2

C:\WINDOWS\system32\medup012.dll

C:\WINDOWS\system32\medup020.dll

C:\WINDOWS\system32\msgp.exe

C:\WINDOWS\system32\MSINET.oca

C:\WINDOWS\system32\msnbho.dll

C:\WINDOWS\system32\mssecu.exe

C:\WINDOWS\system32\msvchost.exe

C:\WINDOWS\system32\mtr2.exe

C:\WINDOWS\system32\mwin32.exe

C:\WINDOWS\system32\netode.exe

C:\WINDOWS\system32\newsd32.exe

C:\WINDOWS\system32\nvs2.inf

C:\WINDOWS\system32\ps1.exe

C:\WINDOWS\system32\psof1.exe

C:\WINDOWS\system32\psoft1.exe

C:\WINDOWS\system32\regc64.dll

C:\WINDOWS\system32\regm64.dll

C:\WINDOWS\system32\Rundl1.exe

C:\WINDOWS\system32\smp

C:\WINDOWS\system32\smp\msrc.exe

C:\WINDOWS\system32\sncntr.exe

C:\WINDOWS\system32\ssurf022.dll

C:\WINDOWS\system32\ssvchost.com

C:\WINDOWS\system32\ssvchost.exe

C:\WINDOWS\system32\sysreq.exe

C:\WINDOWS\system32\taack.dat

C:\WINDOWS\system32\taack.exe

C:\WINDOWS\system32\temp#01.exe

C:\WINDOWS\system32\thun.dll

C:\WINDOWS\system32\thun32.dll

C:\WINDOWS\system32\VBIEWER.OCX

C:\WINDOWS\system32\vbsys2.dll

C:\WINDOWS\system32\vcatchpi.dll

C:\WINDOWS\system32\winlogonpc.exe

C:\WINDOWS\system32\winsystem.exe

C:\WINDOWS\system32\WINWGPX.EXE

C:\WINDOWS\userconfig9x.dll

C:\WINDOWS\Web\def.htm

C:\WINDOWS\winsystem.exe

C:\WINDOWS\zip1.tmp

C:\WINDOWS\zip2.tmp

C:\WINDOWS\zip3.tmp

C:\WINDOWS\zipped.tmp

 

.

((((((((((((((((((((((((((((( Fichiers créés 2008-04-18 to 2008-05-18 ))))))))))))))))))))))))))))))))))))

.

 

2008-05-18 12:28 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe

2008-05-09 21:37 . 2008-05-16 22:38 <REP> d-------- C:\Program Files\Everest Poker

2008-05-08 15:51 . 2008-05-08 15:51 <REP> d-------- C:\Program Files\Trend Micro

2008-05-08 15:50 . 2008-05-08 21:10 <REP> d-------- C:\Program Files\Karcher

2008-05-08 13:28 . 2008-05-18 12:28 <REP> d-------- C:\Program Files\Navilog1

2008-05-08 12:42 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe

2008-05-08 12:42 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe

2008-05-08 12:42 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe

2008-05-08 12:42 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe

2008-05-08 12:42 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe

2008-05-08 12:42 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe

2008-05-08 12:42 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe

2008-05-08 12:42 . 2008-05-08 13:12 3,352 --a------ C:\WINDOWS\system32\tmp.reg

2008-05-08 00:17 . 2008-05-08 11:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira

2008-05-07 22:57 . 2008-05-07 23:54 <REP> d-------- C:\WINDOWS\BDOSCAN8

2008-05-03 11:27 . 2008-05-03 11:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SugarGames

2008-04-23 22:35 . 2008-05-10 11:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-04-23 22:35 . 2008-04-23 22:35 1,409 --a------ C:\WINDOWS\QTFont.for

2008-04-22 12:33 . 2008-04-22 12:34 <REP> d-------- C:\Program Files\Web Hottest Videos Personal Player

2008-04-22 12:33 . 2008-04-22 12:34 <REP> d-------- C:\Program Files\Online_TV

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-18 10:31 17,408 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS

2008-05-16 06:00 --------- d-----w C:\Documents and Settings\kiki\Application Data\AVG7

2008-05-14 13:12 --------- d-----w C:\Program Files\eMule

2008-05-08 13:11 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-05-08 07:09 --------- d-----w C:\Program Files\Wingen

2008-05-07 22:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\zqtshgti

2008-05-03 09:48 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP

2008-04-22 10:35 --------- d-----w C:\Program Files\BitTorrent Fastest Tool

2008-04-19 13:59 --------- d-----w C:\Program Files\Fichiers communs\Oberon Media

2008-04-12 15:41 --------- d-----w C:\Documents and Settings\kiki\Application Data\PlayFirst

2008-04-12 15:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst

2008-04-12 10:04 188,416 ----a-w C:\WINDOWS\ogxtsepr.dll

2008-04-06 14:02 --------- d-----w C:\Documents and Settings\kiki\Application Data\Flood Light Games

2008-04-06 14:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Flood Light Games

2008-03-25 11:48 --------- d-----w C:\Documents and Settings\kiki\Application Data\Ahead

2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll

2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll

2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys

2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll

2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll

2007-01-26 12:38 14 -c--a-w C:\Documents and Settings\kiki\getfile.dat

2006-05-01 18:19 4,379,100 ----a-w C:\Program Files\playboy7.5.322.exe

2006-04-29 14:12 5,083,783 ----a-w C:\Program Files\diablotinv2_7.5.322.exe

2005-12-27 20:20 6,799,360 ----a-w C:\Program Files\msnmsgr.exe

2005-12-27 20:20 1,703,936 ----a-w C:\Program Files\msgslang.dll

2005-12-17 17:04 1,464 -c--a-w C:\Program Files\diablotin skin.txt

2005-11-23 22:24 625,152 ----a-w C:\Program Files\msidcrl.dll

2005-08-29 15:00 56 -csh--r C:\WINDOWS\system32\A32AC634D4.sys

2004-08-05 12:00 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll

2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll

2005-08-29 15:00 5,018 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys

2004-08-05 12:00 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll

2004-08-05 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll

1995-09-20 15:16 35,088 --sha-w C:\WINDOWS\system32\msjint32.dll

1995-09-20 15:13 977,680 --sha-w C:\WINDOWS\system32\msjt3032.dll

1995-09-20 15:16 23,824 --sha-w C:\WINDOWS\system32\msjter32.dll

2004-08-05 12:00 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll

2004-08-05 12:00 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll

2004-08-05 12:00 253,952 -csha-w C:\WINDOWS\system32\msvcrt20.dll

2007-12-04 18:41 550,912 --sha-w C:\WINDOWS\system32\oleaut32.dll

2004-08-05 12:00 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll

2004-08-05 12:00 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll

1995-09-24 10:02 243,472 --sha-w C:\WINDOWS\system32\vbar2232.dll

1999-05-28 12:04 368,912 -csha-w C:\WINDOWS\system32\vbar332.dll

2006-12-19 18:42 69,920 -csha-w C:\WINDOWS\system32\drivers\fidbox.dat

2006-12-19 17:16 1,824 -csha-w C:\WINDOWS\system32\drivers\fidbox2.dat

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02715E47-5A8E-495B-8F63-0D30470B8E72}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7F3D6EA4-8986-4B15-83D1-275A70431008}]

C:\WINDOWS\system32\pmnlIXnL.dll

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04 1415824]

"BPS Spyware Remover"="C:\Program Files\BulletProofSoft.com\BPS Spyware Remover\SpyRem.exe" [ ]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-14 11:09 68856]

"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-09-18 16:16 171464]

"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 18:35 3587120]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59 204288]

"gewphabr"="c:\documents and settings\kiki\local settings\application data\gewphabr.exe" [ ]

"bjdqwyf"="c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe" [ ]

"ukngvgcqmp"="c:\documents and settings\kiki\local settings\application data\ukngvgcqmp.exe" [ ]

"fwjoxso"="c:\documents and settings\kiki\local settings\application data\fwjoxso.exe" [ ]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Cmaudio"="cmicnfg.cpl" []

"AntivirusRegistration"="C:\Program Files\CA\Etrust Antivirus\Register.exe" [2005-01-31 15:09 458752]

"Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [2004-06-26 00:17 504080]

"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-07 21:05 344064]

"PCMService"="C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" [2005-06-07 15:48 127118]

"Dit"="Dit.exe" [2004-07-20 18:18 90112 C:\WINDOWS\Dit.exe]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 19:19 221184]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]

"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-12-14 19:51 217088]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-07-01 15:12 98304]

"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 19:57 458752]

"BDMCon"="C:\Program Files\Softwin\BitDefender8\bdmcon.exe" [ ]

"BDNewsAgent"="C:\Program Files\Softwin\BitDefender8\bdnagent.exe" [ ]

"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2006-11-28 21:51 107112]

"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [ ]

"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 10:12 90112]

"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 23:45 279912]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-23 18:37 219136]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayaBSiF]

yayaBSiF.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\WINDOWS\\system32\\sessmgr.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"C:\\WINDOWS\\system32\\fxsclnt.exe"=

"C:\\Program Files\\CA\\eTrust Antivirus\\InocIT.exe"=

"C:\\Program Files\\CA\\eTrust Antivirus\\Realmon.exe"=

"C:\\Program Files\\CA\\eTrust Antivirus\\InoRpc.exe"=

"C:\\Program Files\\Dassault Systemes\\B14\\intel_a\\code\\bin\\orbixd.exe"=

"C:\\Program Files\\Dassault Systemes\\B14\\intel_a\\code\\bin\\CNEXT.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"C:\\Program Files\\eMule\\emule.exe"=

"C:\\Program Files\\msnmsgr.exe"=

"C:\\Program Files\\CA\\Etrust Antivirus\\Shellscn.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=

"C:\\WINDOWS\\system32\\dpvsetup.exe"=

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"C:\\Program Files\\MSN Messenger\\livecall.exe"=

"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=

"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

 

R1 LUMDriver;LUMDriver;C:\WINDOWS\system32\drivers\LUMDriver.sys [2003-07-11 14:22]

R2 BBDemon;Backbone Service;C:\Program Files\Dassault Systemes\B14\intel_a\code\bin\CATSysDemon.exe [2004-05-08 09:56]

R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamS32.exe" [2007-05-17 23:45]

R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-06-08 03:35]

R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 14:39]

R3 PID_0920;Labtec WebCam(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2004-10-11 19:19]

S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-01-15 19:47]

S3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2008-05-18 12:31]

S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys []

S3 VX1000;VX-1000;C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 23:46]

S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

 

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-05-18 16:42:03

Windows 5.1.2600 Service Pack 2 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

 

C:\Documents and Settings\kiki\Local Settings\Application Data\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims 2 : Boit@Look.lnk 1091 bytes hidden from API

 

Scan terminé avec succès

Les fichiers cachés: 1

 

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

C:\WINDOWS\system32\ati2evxx.exe

C:\Program Files\Fichiers communs\Symantec Shared\CCSVCHST.EXE

C:\WINDOWS\system32\ati2evxx.exe

C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

C:\Program Files\CA\Etrust Antivirus\InoRpc.exe

C:\Program Files\CA\Etrust Antivirus\InoRT.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\COMMON~1\X10\Common\X10NETS.EXE

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\pointsoft\lanceur.exe

C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe

C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

.

**************************************************************************

.

Temps d'accomplissement: 2008-05-18 16:49:02 - machine was rebooted

ComboFix-quarantined-files.txt 2008-05-18 14:48:58

 

Pre-Run: 7,400,767,488 octets libres

Post-Run: 7,454,593,024 octets libres

 

581 --- E O F --- 2008-05-17 08:49:41

Posted

There, I installed the Recovery Console on the disk using the installation CD. You asked me to post a CF_RC.txt report, but I didn't see anything like that. Anyway, I don't think it matters.

Thanks for everything, I'm waiting for your instructions.

 

Alexandra

Posted

Hello,

I have to be away and cannot analyze the ComboFix report right now (it takes a long time).

I will reply to you tomorrow.

ComboFix has already done a good job.

So, a little patience.

Posted

Hello,

Combo, cleanup

# Disconnect from the internet and disable the antivirus (only for the duration of the procedure!)

Open ComboFix

# In Notepad, copy and paste these lines:

 

KillAll::

File::

C:\WINDOWS\mslagent\cahjvifej.exe

C:\WINDOWS\mslagent\cahjvifej_nav.dat

C:\WINDOWS\mslagent\cahjvifej_navps.dat

C:\WINDOWS\system32\tmp.reg

C:\WINDOWS\system32\pmnlIXnL.dll

C:\Documents and Settings\kiki\locals~1\applic~1\cahjvifej.dat

C:\Documents and Settings\kiki\locals~1\applic~1\cahjvifej_nav.dat

C:\Documents and Settings\kiki\locals~1\applic~1\cahjvifej_navps.dat

c:\documents and settings\kiki\local settings\application data\fwjoxso.exe

c:\documents and settings\kiki\local settings\application data\ukngvgcqmp.exe

c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe"

c:\documents and settings\kiki\local settings\application data\gewphabr.exe

C:\Documents and Settings\All Users\Application Data\zqtshgti

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7F3D6EA4-8986-4B15-83D1-275A70431008}]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayaBSiF]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"gewphabr"=-

"bjdqwyf"=-

"ukngvgcqmp"=-

"fwjoxso"=-

 

 

 

* Warning: this code was written specifically for this user; please do not reuse it in other cases!

Save it under the name CFScript.txt

* Drag and drop this CFScript file onto the ComboFix.exe file

http://i261.photobucket.com/albums/ii49/Ma...te/CFScript.gif


* At the message that appears in a blue window (Type 1 to continue, or 2 to abort), type 1 and confirm.

* Wait while the scan runs. The desktop will disappear several times: this is normal!

Do not touch anything until the scan has finished.

* Once the scan is complete, a report will be displayed: post its contents.

* If the file does not appear, it can be found here > C:\ComboFix.txt

Posted

Hello

I tried to do what you told me, but I didn't get a blue window where I had to choose 1 or 2.

In fact, once I dragged the CFScript.txt file onto the ComboFix program, a scan started right away (I think it's the same one I ran at the start, with the 40-odd steps); a report still came out, so here it is:

 

ComboFix 08-05-15.3 - kiki 2008-05-19 19:29:07.3 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.533 [GMT 2:00]

Endroit: C:\Documents and Settings\kiki\Bureau\ComboFix.exe

Command switches used :: C:\Documents and Settings\kiki\Bureau\CFScript.txt

* Création d'un nouveau point de restauration

 

FILE ::

C:\Documents and Settings\All Users\Application Data\zqtshgti

c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe"

c:\documents and settings\kiki\local settings\application data\fwjoxso.exe

c:\documents and settings\kiki\local settings\application data\gewphabr.exe

c:\documents and settings\kiki\local settings\application data\ukngvgcqmp.exe

C:\Documents and Settings\kiki\locals~1\applic~1\cahjvifej.dat

C:\Documents and Settings\kiki\locals~1\applic~1\cahjvifej_nav.dat

C:\Documents and Settings\kiki\locals~1\applic~1\cahjvifej_navps.dat

C:\WINDOWS\mslagent\cahjvifej.exe

C:\WINDOWS\mslagent\cahjvifej_nav.dat

C:\WINDOWS\mslagent\cahjvifej_navps.dat

C:\WINDOWS\system32\pmnlIXnL.dll

C:\WINDOWS\system32\tmp.reg

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\WINDOWS\system32\tmp.reg

 

.

((((((((((((((((((((((((((((( Fichiers créés 2008-04-19 to 2008-05-19 ))))))))))))))))))))))))))))))))))))

.

 

2008-05-18 12:28 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe

2008-05-09 21:37 . 2008-05-19 18:12 <REP> d-------- C:\Program Files\Everest Poker

2008-05-08 15:51 . 2008-05-08 15:51 <REP> d-------- C:\Program Files\Trend Micro

2008-05-08 15:50 . 2008-05-08 21:10 <REP> d-------- C:\Program Files\Karcher

2008-05-08 13:28 . 2008-05-18 12:28 <REP> d-------- C:\Program Files\Navilog1

2008-05-08 12:42 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe

2008-05-08 12:42 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe

2008-05-08 12:42 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe

2008-05-08 12:42 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe

2008-05-08 12:42 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe

2008-05-08 12:42 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe

2008-05-08 12:42 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe

2008-05-08 00:17 . 2008-05-08 11:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira

2008-05-07 22:57 . 2008-05-07 23:54 <REP> d-------- C:\WINDOWS\BDOSCAN8

2008-05-03 11:27 . 2008-05-03 11:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SugarGames

2008-04-23 22:35 . 2008-05-10 11:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-04-23 22:35 . 2008-04-23 22:35 1,409 --a------ C:\WINDOWS\QTFont.for

2008-04-22 12:33 . 2008-04-22 12:34 <REP> d-------- C:\Program Files\Web Hottest Videos Personal Player

2008-04-22 12:33 . 2008-04-22 12:34 <REP> d-------- C:\Program Files\Online_TV

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-19 17:03 17,408 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS

2008-05-16 06:00 --------- d-----w C:\Documents and Settings\kiki\Application Data\AVG7

2008-05-14 13:12 --------- d-----w C:\Program Files\eMule

2008-05-08 13:11 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-05-08 07:09 --------- d-----w C:\Program Files\Wingen

2008-05-07 22:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\zqtshgti

2008-05-03 09:48 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP

2008-04-22 10:35 --------- d-----w C:\Program Files\BitTorrent Fastest Tool

2008-04-19 13:59 --------- d-----w C:\Program Files\Fichiers communs\Oberon Media

2008-04-12 15:41 --------- d-----w C:\Documents and Settings\kiki\Application Data\PlayFirst

2008-04-12 15:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst

2008-04-12 10:04 188,416 ----a-w C:\WINDOWS\ogxtsepr.dll

2008-04-06 14:02 --------- d-----w C:\Documents and Settings\kiki\Application Data\Flood Light Games

2008-04-06 14:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Flood Light Games

2008-03-25 11:48 --------- d-----w C:\Documents and Settings\kiki\Application Data\Ahead

2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll

2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll

2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys

2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll

2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll

2007-01-26 12:38 14 -c--a-w C:\Documents and Settings\kiki\getfile.dat

2006-05-01 18:19 4,379,100 ----a-w C:\Program Files\playboy7.5.322.exe

2006-04-29 14:12 5,083,783 ----a-w C:\Program Files\diablotinv2_7.5.322.exe

2005-12-27 20:20 6,799,360 ----a-w C:\Program Files\msnmsgr.exe

2005-12-27 20:20 1,703,936 ----a-w C:\Program Files\msgslang.dll

2005-12-17 17:04 1,464 -c--a-w C:\Program Files\diablotin skin.txt

2005-11-23 22:24 625,152 ----a-w C:\Program Files\msidcrl.dll

2005-08-29 15:00 56 -csh--r C:\WINDOWS\system32\A32AC634D4.sys

2004-08-05 12:00 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll

2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll

2005-08-29 15:00 5,018 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys

2004-08-05 12:00 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll

2004-08-05 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll

1995-09-20 15:16 35,088 --sha-w C:\WINDOWS\system32\msjint32.dll

1995-09-20 15:13 977,680 --sha-w C:\WINDOWS\system32\msjt3032.dll

1995-09-20 15:16 23,824 --sha-w C:\WINDOWS\system32\msjter32.dll

2004-08-05 12:00 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll

2004-08-05 12:00 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll

2004-08-05 12:00 253,952 -csha-w C:\WINDOWS\system32\msvcrt20.dll

2007-12-04 18:41 550,912 --sha-w C:\WINDOWS\system32\oleaut32.dll

2004-08-05 12:00 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll

2004-08-05 12:00 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll

1995-09-24 10:02 243,472 --sha-w C:\WINDOWS\system32\vbar2232.dll

1999-05-28 12:04 368,912 -csha-w C:\WINDOWS\system32\vbar332.dll

2006-12-19 18:42 69,920 -csha-w C:\WINDOWS\system32\drivers\fidbox.dat

2006-12-19 17:16 1,824 -csha-w C:\WINDOWS\system32\drivers\fidbox2.dat

.

 

((((((((((((((((((((((((((((( snapshot@2008-05-18_16.48.42.03 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-05-18 14:41:11 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-05-19 17:32:45 2,048 --s-a-w C:\WINDOWS\bootstat.dat

- 2008-05-18 10:35:23 88,494 ----a-w C:\WINDOWS\system32\perfc009.dat

+ 2008-05-19 17:08:02 88,842 ----a-w C:\WINDOWS\system32\perfc009.dat

- 2008-05-18 10:35:23 107,798 ----a-w C:\WINDOWS\system32\perfc00C.dat

+ 2008-05-19 17:08:02 108,242 ----a-w C:\WINDOWS\system32\perfc00C.dat

- 2008-05-18 10:35:23 461,644 ----a-w C:\WINDOWS\system32\perfh009.dat

+ 2008-05-19 17:08:02 462,568 ----a-w C:\WINDOWS\system32\perfh009.dat

- 2008-05-18 10:35:23 538,098 ----a-w C:\WINDOWS\system32\perfh00C.dat

+ 2008-05-19 17:08:02 539,232 ----a-w C:\WINDOWS\system32\perfh00C.dat

.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02715E47-5A8E-495B-8F63-0D30470B8E72}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7F3D6EA4-8986-4B15-83D1-275A70431008}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04 1415824]

"BPS Spyware Remover"="C:\Program Files\BulletProofSoft.com\BPS Spyware Remover\SpyRem.exe" [ ]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-14 11:09 68856]

"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-09-18 16:16 171464]

"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 18:35 3587120]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59 204288]

"gewphabr"="c:\documents and settings\kiki\local settings\application data\gewphabr.exe" [ ]

"bjdqwyf"="c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe" [ ]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Cmaudio"="cmicnfg.cpl" []

"AntivirusRegistration"="C:\Program Files\CA\Etrust Antivirus\Register.exe" [2005-01-31 15:09 458752]

"Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [2004-06-26 00:17 504080]

"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-07 21:05 344064]

"PCMService"="C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" [2005-06-07 15:48 127118]

"Dit"="Dit.exe" [2004-07-20 18:18 90112 C:\WINDOWS\Dit.exe]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 19:19 221184]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]

"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-12-14 19:51 217088]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-07-01 15:12 98304]

"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-12-14 19:57 458752]

"BDMCon"="C:\Program Files\Softwin\BitDefender8\bdmcon.exe" [ ]

"BDNewsAgent"="C:\Program Files\Softwin\BitDefender8\bdnagent.exe" [ ]

"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2006-11-28 21:51 107112]

"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [ ]

"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 10:12 90112]

"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 23:45 279912]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-23 18:37 219136]

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\WINDOWS\\system32\\sessmgr.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"C:\\WINDOWS\\system32\\fxsclnt.exe"=

"C:\\Program Files\\CA\\eTrust Antivirus\\InocIT.exe"=

"C:\\Program Files\\CA\\eTrust Antivirus\\Realmon.exe"=

"C:\\Program Files\\CA\\eTrust Antivirus\\InoRpc.exe"=

"C:\\Program Files\\Dassault Systemes\\B14\\intel_a\\code\\bin\\orbixd.exe"=

"C:\\Program Files\\Dassault Systemes\\B14\\intel_a\\code\\bin\\CNEXT.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"C:\\Program Files\\eMule\\emule.exe"=

"C:\\Program Files\\msnmsgr.exe"=

"C:\\Program Files\\CA\\Etrust Antivirus\\Shellscn.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=

"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=

"C:\\WINDOWS\\system32\\dpvsetup.exe"=

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"C:\\Program Files\\MSN Messenger\\livecall.exe"=

"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=

"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

 

R1 LUMDriver;LUMDriver;C:\WINDOWS\system32\drivers\LUMDriver.sys [2003-07-11 14:22]

R2 BBDemon;Backbone Service;C:\Program Files\Dassault Systemes\B14\intel_a\code\bin\CATSysDemon.exe [2004-05-08 09:56]

R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamS32.exe" [2007-05-17 23:45]

R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-06-08 03:35]

R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 14:39]

R3 PID_0920;Labtec WebCam(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2004-10-11 19:19]

S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-01-15 19:47]

S3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2008-05-19 19:03]

S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys []

S3 VX1000;VX-1000;C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 23:46]

S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

 

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-05-19 19:33:22

Windows 5.1.2600 Service Pack 2 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

 

C:\Documents and Settings\kiki\Local Settings\Application Data\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims 2 : Boit@Look.lnk 1091 bytes hidden from API

 

Scan terminé avec succès

Les fichiers cachés: 1

 

**************************************************************************

.

--------------------- DLLs a chargé sous des processus courants ---------------------

 

PROCESS: C:\WINDOWS\explorer.exe

-> ?:\WINDOWS\System32\CSCDLL.dll

.

------------------------ Other Running Processes ------------------------

.

C:\WINDOWS\system32\ati2evxx.exe

C:\Program Files\Fichiers communs\Symantec Shared\CCSVCHST.EXE

C:\WINDOWS\system32\ati2evxx.exe

C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

C:\Program Files\CA\Etrust Antivirus\InoRpc.exe

C:\Program Files\CA\Etrust Antivirus\InoRT.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\COMMON~1\X10\Common\X10NETS.EXE

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\pointsoft\lanceur.exe

C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe

C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

.

**************************************************************************

.

Temps d'accomplissement: 2008-05-19 19:41:18 - machine was rebooted

ComboFix-quarantined-files.txt 2008-05-19 17:41:13

ComboFix2.txt 2008-05-19 17:12:14

ComboFix3.txt 2008-05-18 14:49:04

 

Pre-Run: 7,452,696,576 octets libres

Post-Run: 7,447,904,256 octets libres

 

248 --- E O F --- 2008-05-17 08:49:41

 

 

 

I hope I didn't do anything silly,

Thanks for everything, have a nice day.

  • 2 weeks later...
Posted

Good evening

I haven't heard from you, but now I am sending links to my MSN contacts without being logged in and with the computer turned off. People have clicked on the link and hundreds of windows open on their computer.

Help me...

Thanks in advance

Posted (edited)

Hello Alexandra,

I haven't heard from you

I was away when you sent your ComboFix report, and I didn't see it when I got back.

Some lines were not processed.

We'll try another way.

Download OTMoveIt (by Old_Timer) to the Desktop

* Double-click OTMoveIt.exe to launch it.

(Note: If you are using Vista, right-click the file and choose Run as administrator.)

* Check that Unregister Dll's and Ocx's is ticked.

* Copy and paste into the left-hand pane of OTMoveIt:

Paste List of Files/Folders to be moved

c:\documents and settings\kiki\local settings\application data\gewphabr.exe

c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe

C:\Documents and Settings\All Users\Application Data\zqtshgti

C:\WINDOWS\ogxtsepr.dll

 

 

* Click MoveIt! to start the removal.

* The result will appear in the Results pane. Copy the result.

* Click Exit to close.

* Paste the result into your next reply,

along with a new HijackThis log and your comments, please.

Edited by pear
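
The remark above that some lines were not processed can be checked mechanically by comparing the registry values listed in the two ComboFix reports against the value deletions requested in the CFScript. The following is an added example, not part of the original thread and not ComboFix's own code; the function names are hypothetical and the inputs are excerpts trimmed from the script and reports posted in this thread.

```python
import re

KEY_RE = re.compile(r'^\[(-?)([^\]]+)\]$')              # [KEY] or [-KEY]
VALUE_RE = re.compile(r'^"([^"]+)"="(.*)"\s*\[.*\]$')   # "name"="data" [file info]
DELETE_RE = re.compile(r'^"([^"]+)"=-$')                # "name"=-  (delete value)


def parse_report_values(report):
    """Return {(key, value_name): data} for each "name"="data" [..] report line."""
    values, key = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(2).lower()
            continue
        m = VALUE_RE.match(line)
        if m and key:
            values[(key, m.group(1).lower())] = m.group(2)
    return values


def parse_cfscript_deletions(script):
    """Return the set of (key, value_name) pairs the Registry:: section deletes.

    Whole-key deletions ([-KEY]) are skipped: this example only tracks
    single-value deletions of the form "name"=- under a [KEY] header.
    """
    wanted, key, in_registry = set(), None, False
    for raw in script.splitlines():
        line = raw.strip()
        if line.endswith("::"):                 # directive such as File:: or Registry::
            in_registry = line.lower() == "registry::"
            key = None
            continue
        if not in_registry or not line:
            continue
        m = KEY_RE.match(line)
        if m:
            key = None if m.group(1) else m.group(2).lower()
            continue
        m = DELETE_RE.match(line)
        if m and key:
            wanted.add((key, m.group(1).lower()))
    return wanted


def check_removals(script, before, after):
    """Classify every requested value deletion by what the second report shows."""
    wanted = parse_cfscript_deletions(script)
    old, new = parse_report_values(before), parse_report_values(after)
    result = {"removed": [], "still_present": [], "not_in_first_report": []}
    for item in sorted(wanted):
        if item in new:
            result["still_present"].append(item[1])
        elif item in old:
            result["removed"].append(item[1])
        else:
            result["not_in_first_report"].append(item[1])
    return result


# Excerpts trimmed from the CFScript and the two reports in this thread.
CFSCRIPT = r"""
KillAll::
File::
c:\documents and settings\kiki\local settings\application data\fwjoxso.exe
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayaBSiF]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"gewphabr"=-
"bjdqwyf"=-
"ukngvgcqmp"=-
"fwjoxso"=-
"""

REPORT_BEFORE = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59 204288]
"gewphabr"="c:\documents and settings\kiki\local settings\application data\gewphabr.exe" [ ]
"bjdqwyf"="c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe" [ ]
"ukngvgcqmp"="c:\documents and settings\kiki\local settings\application data\ukngvgcqmp.exe" [ ]
"fwjoxso"="c:\documents and settings\kiki\local settings\application data\fwjoxso.exe" [ ]
"""

REPORT_AFTER = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59 204288]
"gewphabr"="c:\documents and settings\kiki\local settings\application data\gewphabr.exe" [ ]
"bjdqwyf"="c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe" [ ]
"""

if __name__ == "__main__":
    for status, names in check_removals(CFSCRIPT, REPORT_BEFORE, REPORT_AFTER).items():
        print(f"{status}: {', '.join(names) or '-'}")
```
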
Posted

Hello

Thank you for replying to me

Here is the result:

 

 

File/Folder c:\documents and settings\kiki\local settings\application data\gewphabr.exe not found.

File/Folder c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe not found.

C:\Documents and Settings\All Users\Application Data\zqtshgti moved successfully.

LoadLibrary failed for C:\WINDOWS\ogxtsepr.dll

C:\WINDOWS\ogxtsepr.dll NOT unregistered.

C:\WINDOWS\ogxtsepr.dll moved successfully.

 

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06102008_162939

 

 

I'll post the HijackThis report right away

Posted

Here is the HijackThis report

Thanks for everything

Have a nice rest of the day.

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:35:04, on 10/06/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\PROGRA~1\CA\ETRUST~1\realmon.exe

C:\Program Files\Home Cinema\PowerCinema\PCMService.exe

C:\WINDOWS\Dit.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\DAEMON Tools\daemon.exe

C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\pointsoft\lanceur.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\Program Files\Dassault Systemes\B14\intel_a\code\bin\CATSysDemon.exe

C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\CA\eTrust Antivirus\InoRpc.exe

C:\Program Files\CA\eTrust Antivirus\InoRT.exe

C:\Program Files\CA\eTrust Antivirus\InoTask.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Grisoft\AVG7\avgcc.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Documents and Settings\kiki\Bureau\OTMoveIt2.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

R3 - URLSearchHook: Online_TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: (no name) - {02715E47-5A8E-495B-8F63-0D30470B8E72} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Online_TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll

O2 - BHO: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {7F3D6EA4-8986-4B15-83D1-275A70431008} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll

O3 - Toolbar: Online_TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe

O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"

O4 - HKLM\..\Run: [Dit] Dit.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [bPS Spyware Remover] C:\Program Files\BulletProofSoft.com\BPS Spyware Remover\SpyRem.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

O4 - HKCU\..\Run: [gewphabr] c:\documents and settings\kiki\local settings\application data\gewphabr.exe gewphabr

O4 - HKCU\..\Run: [bjdqwyf] c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe bjdqwyf

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: DeliveryManager.lnk = ?

O4 - Startup: Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe

O4 - Startup: Personal Player.lnk = ?

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.msn.fr/

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9E214F45-89C2-4DE3-94A9-530EB1D05F7E} - http://www.quest3d.com/Quest3D_WebInstall.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs-beta.jeu.orange.fr...ronGameHost.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files\Dassault Systemes\B14\intel_a\code\bin\CATSysDemon.exe

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe

O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe

O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe

O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton AntiVirus\isPwdSvc.exe (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

 

--

End of file - 12517 bytes
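
The OTMoveIt2 result above reports two files as not found, while the HijackThis log posted after it still lists O4 Run values pointing at those same paths. As an added example (not part of the thread and not the helper's own method), this Python script cross-checks the two outputs to list such leftover autostart values; the sample lines are copied from the posts above and the function names are assumptions of this example.

```python
import re

# Sample lines copied from the OTMoveIt2 result and the HijackThis log in this thread.
OTMOVEIT_RESULT = r"""
File/Folder c:\documents and settings\kiki\local settings\application data\gewphabr.exe not found.
File/Folder c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe not found.
C:\Documents and Settings\All Users\Application Data\zqtshgti moved successfully.
LoadLibrary failed for C:\WINDOWS\ogxtsepr.dll
C:\WINDOWS\ogxtsepr.dll NOT unregistered.
C:\WINDOWS\ogxtsepr.dll moved successfully.
"""

HIJACKTHIS_LOG = r"""
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [gewphabr] c:\documents and settings\kiki\local settings\application data\gewphabr.exe gewphabr
O4 - HKCU\..\Run: [bjdqwyf] c:\documents and settings\kiki\local settings\application data\bjdqwyf.exe bjdqwyf
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
"""

NOT_FOUND = re.compile(r"^File/Folder (.+) not found\.$", re.M)
MOVED = re.compile(r"^(.+) moved successfully\.$", re.M)
RUN_ENTRY = re.compile(r"^O4 - (HK[^:]+\\Run): \[([^\]]+)\] (.+)$", re.M)

def removal_status(result):
    """Map each lower-cased path in an OTMoveIt result to 'not found' or 'moved'."""
    status = {m.group(1).lower(): "not found" for m in NOT_FOUND.finditer(result)}
    status.update({m.group(1).lower(): "moved" for m in MOVED.finditer(result)})
    return status

def leftover_run_entries(log, status):
    """Return (hive, value name, path, status) for each Run value whose command
    starts with a path that the removal tool was asked to handle."""
    hits = []
    for hive, name, command in RUN_ENTRY.findall(log):
        cmd = command.strip().strip('"').lower()
        for path, state in status.items():
            if cmd.startswith(path):
                hits.append((hive, name, path, state))
    return hits

if __name__ == "__main__":
    status = removal_status(OTMOVEIT_RESULT)
    for hive, name, path, state in leftover_run_entries(HIJACKTHIS_LOG, status):
        print(f"{hive} [{name}] still references {path} (file {state})")
```

A Run value that survives after its target file is gone is inert on its own, but it shows that the registry side of the cleanup is still outstanding and is worth rechecking in the next log.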
