Aller au contenu
  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

rapport hijackthis


alex53200

Messages recommandés

On fournit ! :P

 

Double-clique sur l'icône HijackThis :

img-202120na4kx.gif

 

HijackThis démarre, c'est le premier bouton qui nous intéresse cette fois : "Do a system scan and save a logfile" (le fichier "log" est le rapport).

Clique dessus.

 

Copie-colle le contenu du rapport qui va s'afficher dans le Bloc-notes dans ta prochaine réponse.

Lien vers le commentaire
Partager sur d’autres sites

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:03:07, on 14/09/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\MagicTune Premium\MagicTuneEngine.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\PSIService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Mixer.exe

C:\WINDOWS\vVX3000.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\Program Files\fwmns\wmvwinwn.exe

C:\Program Files\Google\Google Updater\GoogleUpdater.exe

C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe

C:\PROGRA~1\Wanadoo\ComComp.exe

C:\PROGRA~1\Wanadoo\Toaster.exe

C:\PROGRA~1\Wanadoo\Inactivity.exe

C:\PROGRA~1\Wanadoo\PollingModule.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\PROGRA~1\Wanadoo\Watch.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: OIN Analytics - {6B221E01-F517-4959-8C41-81948E7F2F17} - C:\Program Files\OINAnalytics\OINAnalytics.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll

O2 - BHO: (no name) - {DA36B03D-7DFD-5D29-FD3A-0EA296CF4ECA} - C:\WINDOWS\system32\ujohp.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

O4 - HKLM\..\Run: [iewcm] "c:\windows\system32\iewcm.exe" iewcm

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx

O4 - HKCU\..\Run: [Lmda] "C:\WINDOWS\system32\STEM~1\dllhost.exe" -vt yazb

O4 - HKCU\..\Run: [wmvwinwn] C:\Program Files\fwmns\wmvwinwn.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O15 - Trusted Zone: http://*.secuser.com

O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {1D6E056F-D1BB-40F6-88E4-11EE98056FD2} (Oberon ActiveX Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://bb53france.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/net/Import/ImageUploader4.cab

O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.fr/downloads/BUM/B..._2/axofupld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/GameShell/onl...mjolauncher.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.wistiti.fr/ImageUploader4.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab

O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_...geUploader5.cab

O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://www.photoways.com/assets/aurigma/ImageUploader4.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} (PopcapLoader Object) - http://jeuxenligne.orange.fr/orange2.0/Onl...zuma/Popcap.cab

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab

O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab

O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/...sh.1.0.0.58.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{3EEF2D7A-86AA-405F-B14F-467493A062DE}: NameServer = 80.10.246.2,80.10.246.129

O20 - AppInit_DLLs: htqnsx.dll

O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

 

--

End of file - 10176 bytes

Lien vers le commentaire
Partager sur d’autres sites

Il y a encore des saletés.

 

  • Clique sur ce lien de navilog1 de IL-MAFIOSO :
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
  • Enregistre le fichier sur ton bureau.
  • Ensuite double clique sur navilog1.exe pour lancer l'installation.
  • Une fois l'installation terminée, navilog1 s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
  • Laisse-toi guider. Au menu principal, choisis 1 et valide.
    (ne fais pas le choix 2,3 ou 4 sans accord)
  • Cela dure un moment, attends le message :
    *** Analyse Termine le ..... ***
  • Appuie sur une touche comme demandé, le Bloc-notes va s'ouvrir.
  • Copie-colle l'intégralité du rapport dans ton prochain post. Referme le bloc note.

 

Note :

Le rapport est aussi sauvegardé à la racine du disque (fixnavi.txt)

Si ton antivirus se plaint de fichiers de Navilog1, dis lui d'ignorer les fichiers.

Lien vers le commentaire
Partager sur d’autres sites

Meuh non, c'est rien, il n'y a rien de coriace, on va les avoir, ça prendra juste quelques opérations de plus.

Tu as tout fait impeccablement jusqu'ici, ça va être pareil pour la suite, ne t'inquiète pas. :P

Lien vers le commentaire
Partager sur d’autres sites

Search Navipromo version 3.6.5 commencé le 14/09/2008 à 10:12:26,35

 

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!

!!! Postez ce rapport sur le forum pour le faire analyser !!!

!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

 

Outil exécuté depuis C:\Program Files\navilog1

Session actuelle : "alexandra louveau"

 

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO

 

 

Microsoft Windows XP [version 5.1.2600]

Internet Explorer : 7.0.5730.11

Système de fichiers : NTFS

 

Recherche executé en mode normal

 

*** Recherche Programmes installés ***

 

 

*** Recherche dossiers dans "C:\WINDOWS" ***

 

 

*** Recherche dossiers dans "C:\Program Files" ***

 

 

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

 

 

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

 

 

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

 

 

*** Recherche dossiers dans "C:\Documents and Settings\alexandra louveau\applic~1" ***

 

 

*** Recherche dossiers dans "C:\DOCUME~1\ADRIEN~1\applic~1" ***

 

 

*** Recherche dossiers dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" ***

 

 

*** Recherche dossiers dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" ***

 

 

*** Recherche dossiers dans "C:\Documents and Settings\alexandra louveau\menudm~1\progra~1" ***

 

 

*** Recherche dossiers dans "C:\DOCUME~1\ADRIEN~1\menudm~1\progra~1" ***

 

 

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***

pour + d'infos : http://www.gmer.net

 

 

 

*** Recherche avec GenericNaviSearch ***

!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!

!!! A vérifier impérativement avant toute suppression manuelle !!!

 

* Recherche dans "C:\WINDOWS\system32" *

 

* Recherche dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" *

 

* Recherche dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" *

 

 

 

*** Recherche fichiers ***

 

 

 

*** Recherche clés spécifiques dans le Registre ***

 

 

*** Module de Recherche complémentaire ***

(Recherche fichiers spécifiques)

 

1)Recherche nouveaux fichiers Instant Access :

 

 

2)Recherche Heuristique :

 

* Dans "C:\WINDOWS\system32" :

 

 

* Dans "C:\Documents and Settings\alexandra louveau\locals~1\applic~1" :

 

 

* Dans "C:\DOCUME~1\ADRIEN~1\locals~1\applic~1" :

 

 

3)Recherche Certificats :

 

Certificat Egroup absent !

Certificat Electronic-Group absent !

Certificat Montorgueil absent !

Certificat OOO-Favorit absent !

Certificat Sunny-Day-Design-Ltd absent !

 

4)Recherche fichiers connus :

 

 

 

*** Analyse terminée le 14/09/2008 à 10:45:39,85 ***

 

voila le nouveau rapport navilog , on va s'en sortir , jy crois !!! lol

Lien vers le commentaire
Partager sur d’autres sites

On va gagner du temps. :P

 

Le logiciel qui suit n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.

Ne pas utiliser en dehors de ce cas de figure ou seul : dangereux.

 

Télécharge combofix.exe de sUBs et sauvegarde le sur ton bureau (et pas ailleurs).

  • Assure toi que tous les programmes sont fermés avant de commencer.
  • Double-clique combofix.exe afin de l'exécuter.
  • Clique sur "Oui" au message de Limitation de Garantie qui s'affiche.
  • Il est possible que ton pare-feu (firewall) te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sûre: accepte.
  • Ne ferme pas la fenêtre qui vient de s'ouvrir, tu te retrouverais avec un bureau vide.
  • Lorsque l'analyse sera terminée, un rapport apparaîtra.
  • Copie-colle ce rapport dans ta prochaine réponse.
    Le rapport se trouve dans : C:\Combofix.txt (si jamais).

Lien vers le commentaire
Partager sur d’autres sites

ComboFix 08-09-13.05 - alexandra louveau 2008-09-14 19:26:06.1 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.234 [GMT 2:00]

Lancé depuis: C:\Documents and Settings\alexandra louveau\Bureau\ComboFix.exe

* Un nouveau point de restauration a été créé

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Documents and Settings\alexandra louveau\Application Data\ICROSO~1.NET

C:\Documents and Settings\alexandra louveau\Local Settings\Temporary Internet Files\bestwiner.stt

C:\Documents and Settings\alexandra louveau\Local Settings\Temporary Internet Files\SonLabo.WAV

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\cup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\customer_cup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\heart.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\menu_down.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\menu_up.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\plates.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\ticket.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\tray.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\music\mainmenumusic.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_bring_check_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_deliver_food_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_deliver_order_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_diner.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_food_ready_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_gain_heart_1.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_get_drinks_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_party_arrive_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_pencil_write_2.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_pickup_food_1_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_rollover_1.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_seat_people_snd.ogg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\choosedifficulty.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\credits.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\flo_lose.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\flo_win.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\help1.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\help2.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\highscores.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelintro.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelintro_mask.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelover.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelover_mask.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\mainmenu.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\popup.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\popup_mask.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upgradegrid.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upgradetitle.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upsell.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowleft_blue.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowleft_yellow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowright_blue.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowright_yellow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\back_blue.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\back_yellow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backchalk.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backchalkup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backtomenu_blue.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backtomenu_yellow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\cancel.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\cancelup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\career.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\career_over.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\close.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\closeup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\continue.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\continueover.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\credits_blue.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\credits_yellow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\download_blue.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\download_yellow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\easy.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\easy_over.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\endlessshift.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\endlessshift_over.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\hard.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\hard_over.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\help.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\help_over.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\highscores.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\highscores_over.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\instructions_blue.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\instructions_yellow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\letsplay.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\letsplayover.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\medium.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\medium_over.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\moreinfo.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\moreinfoup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\off.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\off_on.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\on.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\on_on.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\pause.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\pauseover.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quit.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitgame.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitgameover.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitover.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\resumegame.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\resumegameover.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\submit.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\submitup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\tryagain.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\tryagainover.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\upgrade_over.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\upgrade_up.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewglobal.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewglobalup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewhighscore.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewhighscoreon.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewlocal.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewlocalup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\comics\webcomic.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\career.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\customer.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\endless.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\global.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\powerups.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\cook.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\cook.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\stove.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\arrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\click.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\click2.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\grab.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\open.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\sit_legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\arial.mvec

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\komikaaxis.mvec

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt2top.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt4top.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_off.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on1.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on2.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdown.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdownon.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowleft.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowlefton.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowright.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowrighton.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowupon.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\p1icon.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\textedit.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\title.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_a.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_b.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_c.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_a.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_b.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_c.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_d.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_a.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_b.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_c.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_d.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fifth_level_diner.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\first_level_diner.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fourth_level_diner.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\second_level_diner.txt

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\playfirst_logo.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\background.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames\upgrade_0001.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\upgrades.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\tableshadow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\choosedifficulty.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooseplayer.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooserestaurant.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\credits.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\game.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\gothighscore.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help2.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscore.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoreinfo.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoresubmit.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelintro.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelover.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\loading.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainloop.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainmenu.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\ok.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\pause.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\style.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\tutorialintro.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upgrade.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upsell.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\webcomic.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\yesno.lua

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\gamelabsplash.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\playfirst_logo.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\strings.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\check.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\checkmark.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\clock.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closed.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closingtime.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\dollar.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\coffee.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\tables.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\wallpaper.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expert.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expertscore.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\fork_timer.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\goalcompleted.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level_career.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\score.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\sound.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staroff.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staron.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumber.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumberup.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\traynumber.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorial_character.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialarrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialbox.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.xml

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\drinks.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\maitred.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\oven.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\select.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\shoes.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\stereo.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\table.png

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\dinerdash.exe

C:\WINDOWS\Downloaded Program Files\setup.inf

C:\WINDOWS\system32\eyreqoow.ini

C:\WINDOWS\system32\hpugkxok.dll

C:\WINDOWS\system32\ljykmb.dll

C:\WINDOWS\system32\mwndclix.dll

C:\WINDOWS\system32\qgppknqt.dll

C:\WINDOWS\system32\stem~1

C:\WINDOWS\system32\stem~1\??stem\

C:\WINDOWS\system32\svagsdsq.ini

C:\WINDOWS\system32\sydcjmvs.dll

C:\WINDOWS\system32\ywixoe.dll

 

.

((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-14 au 2008-09-14 ))))))))))))))))))))))))))))))))))))

.

 

2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-09-13 21:07 . 2008-09-13 21:07 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Malwarebytes

2008-09-13 21:07 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2008-09-13 21:07 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys

2008-09-13 19:32 . 2008-09-14 07:33 <REP> d-------- C:\Program Files\Studio-Scrap

2008-09-13 19:32 . 2008-09-14 07:25 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Studio-Scrap

2008-09-13 17:48 . 2008-09-13 21:05 <REP> d-------- C:\Lop SD

2008-09-13 17:25 . 2008-09-13 17:25 <REP> d-------- C:\Program Files\Trend Micro

2008-09-13 12:37 . 2008-09-14 10:46 <REP> d-------- C:\Program Files\Navilog1

2008-09-13 09:42 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll

2008-09-13 09:36 . 2008-09-13 09:36 13,502 --a------ C:\WINDOWS\system32\JambaIconFR.ico

2008-09-13 09:35 . 2008-09-13 09:35 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico

2008-09-13 09:25 . 2008-09-13 09:25 <REP> d-------- C:\Program Files\OINAnalytics

2008-09-12 18:57 . 2008-09-12 18:57 <REP> d-------- C:\Program Files\SEC

2008-09-12 18:57 . 2003-02-24 16:20 827,392 -ra------ C:\WINDOWS\system32\Flash.ocx

2008-09-12 18:57 . 2005-10-21 07:25 13,396 --a------ C:\WINDOWS\system32\drivers\MTictwl.sys

2008-09-12 18:56 . 2008-09-12 18:57 <REP> d-------- C:\Program Files\MagicTune Premium

2008-09-12 15:26 . 2008-09-12 15:26 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-09-12 15:26 . 2008-09-12 15:26 1,409 --a------ C:\WINDOWS\QTFont.for

2008-09-12 15:25 . 2008-09-12 15:25 <REP> d-------- C:\Program Files\Apple Software Update

2008-09-12 15:25 . 2008-09-12 15:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple

2008-09-12 15:11 . 2008-09-12 17:55 <REP> d-------- C:\Program Files\Avanquest update

2008-09-12 15:11 . 2008-09-12 15:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software

2008-09-12 15:11 . 2007-11-02 12:47 109,992 --a------ C:\WINDOWS\system32\drivers\s916mdm.sys

2008-09-12 15:11 . 2007-11-02 12:47 103,976 --a------ C:\WINDOWS\system32\drivers\s916mgmt.sys

2008-09-12 15:11 . 2007-11-02 12:47 100,008 --a------ C:\WINDOWS\system32\drivers\s916obex.sys

2008-09-12 15:11 . 2007-11-02 12:47 83,496 --a------ C:\WINDOWS\system32\drivers\s916bus.sys

2008-09-12 15:11 . 2007-11-02 12:47 15,016 --a------ C:\WINDOWS\system32\drivers\s916mdfl.sys

2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916whnt.sys

2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916wh.sys

2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916cmnt.sys

2008-09-12 15:11 . 2007-11-02 12:47 12,200 --a------ C:\WINDOWS\system32\drivers\s916cm.sys

2008-09-12 15:09 . 2008-09-12 15:15 <REP> d-------- C:\Program Files\Sony Ericsson

2008-09-12 15:09 . 2008-09-12 15:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson

2008-09-12 13:24 . 2008-09-12 13:24 379 --a------ C:\WINDOWS\ODBC.INI

2008-09-12 13:08 . 2008-09-12 13:08 <REP> d-------- C:\Program Files\Microsoft ActiveSync

2008-09-12 13:06 . 2008-09-12 13:06 <REP> d-------- C:\Program Files\Fichiers communs\L&H

2008-09-11 23:52 . 2008-09-13 09:52 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\WinButler

2008-09-10 22:32 . 2008-09-10 22:52 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\OfficeUpdate12

2008-09-10 20:51 . 2008-09-12 15:42 <REP> d-------- C:\WINDOWS\SHELLNEW

2008-09-10 10:49 . 2008-09-10 17:53 <REP> d-------- C:\Program Files\Conduit

2008-09-09 18:49 . 2008-09-14 18:58 <REP> d-------- C:\Program Files\fwmns

2008-09-04 12:10 . 2008-09-04 12:10 <REP> d-------- C:\Program Files\gwbdrx

2008-08-28 16:19 . 2008-08-28 16:19 <REP> d-------- C:\Documents and Settings\alexandra louveau\Application Data\Apple Computer

2008-08-25 14:31 . 2008-08-25 14:31 524,288 --a------ C:\WINDOWS\opuc.dll

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-09-14 18:12 --------- d-----w C:\Program Files\Wanadoo

2008-09-13 20:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater

2008-09-13 09:26 --------- d-----w C:\Program Files\Microsoft Studio Files

2008-09-12 18:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP

2008-09-12 16:57 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-09-12 16:49 --------- d-----w C:\Program Files\EPSON

2008-09-12 16:04 --------- d-----w C:\Program Files\Encore

2008-09-12 16:04 --------- d-----w C:\Program Files\EA GAMES

2008-09-12 16:01 --------- d-----w C:\Program Files\eMule

2008-09-12 13:43 --------- d-----w C:\Program Files\Microsoft Works

2008-09-12 13:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help

2008-09-12 13:31 --------- d-----w C:\Program Files\QuickTime

2008-09-12 13:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer

2008-09-11 21:59 --------- d-----w C:\Program Files\TomTom HOME 2

2008-09-10 16:23 --------- d-----w C:\Program Files\BoontyGames

2008-09-10 16:07 --------- d-----w C:\Program Files\Windows Live

2008-09-09 16:49 --------- d-----w C:\Program Files\skmw

2008-09-09 16:49 --------- d-----w C:\Program Files\dwimn

2008-09-06 19:38 --------- d-----w C:\Documents and Settings\alexandra louveau\Application Data\OpenOffice.org2

2008-09-02 08:24 --------- d-----w C:\Program Files\Messenger Plus! Live

2008-08-03 13:32 --------- d-----w C:\Program Files\OpenOffice.org 2.4

2008-08-03 11:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\TomTom

2008-08-03 11:02 --------- d-----w C:\Documents and Settings\alexandra louveau\Application Data\TomTom

2008-07-25 21:56 --------- d-----w C:\Program Files\Java

2007-12-06 10:04 480,848 ----a-w C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe

2007-07-04 09:57 98 ----a-w C:\Program Files\INSTALL.LOG

2006-12-28 14:41 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe

2007-12-14 16:36 88 --sh--r C:\WINDOWS\system32\95B45B3E5A.sys

2007-12-14 16:36 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

REGEDIT4

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6B221E01-F517-4959-8C41-81948E7F2F17}]

2008-09-12 15:22 249856 --a------ C:\Program Files\OINAnalytics\OINAnalytics.dll

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 15360]

"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]

"wmvwinwn"="C:\Program Files\fwmns\wmvwinwn.exe" [2008-09-11 745984]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VX3000"="C:\WINDOWS\vVX3000.exe" [2006-10-13 707376]

"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]

"C-Media Mixer"="Mixer.exe" [2003-03-20 C:\WINDOWS\mixer.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 15360]

"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=htqnsx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.mpng"= C:\Program Files\t@b\0.957\686\tabdec.dll

"vidc.mvjp"= C:\Program Files\t@b\0.957\686\tabdec.dll

"vidc.444p"= C:\Program Files\t@b\0.957\686\tabdec.dll

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GammaTray.lnk]

path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\GammaTray.lnk

backup=C:\WINDOWS\pss\GammaTray.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]

path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk

backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NCProTray.lnk]

path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NCProTray.lnk

backup=C:\WINDOWS\pss\NCProTray.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ghvgy]

C:\Documents and Settings\alexandra louveau\Application Data\?icrosoft.NET\??oolsv.exe [?]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChristmasTree]

--a------ 2007-12-07 23:36 844800 C:\Program Files\ChristmasTree\ChristmasTree.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]

--a------ 2006-10-13 17:01 277296 C:\Program Files\Microsoft LifeCam\LifeExp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2007-10-19 20:16 286720 C:\Program Files\QuickTime\QTTask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

--------- 2008-02-20 17:19 360448 C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

--a------ 2008-04-02 20:39 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

--a------ 2008-05-06 10:42 202088 C:\Program Files\TomTom HOME 2\HOMERunner.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wmvwinwn]

--a------ 2008-09-11 20:37 745984 C:\Program Files\fwmns\wmvwinwn.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]

--------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\coktel\\ADI5\\TTS\\SpeechCube.exe"=

"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=

"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"C:\\WINDOWS\\system32\\dpvsetup.exe"=

"C:\\Program Files\\dwimn\\dllhosts.exe"=

"C:\\Program Files\\fwmns\\wmvwinwn.exe"=

"C:\\Program Files\\fwmns\\dllhosts.exe"=

"C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=

"C:\\Program Files\\MagicTune Premium\\MagicTune.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"6346:TCP"= 6346:TCP:shareaza

 

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 63352]

R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664]

S3 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-02-10 69120]

S3 s916bus;Sony Ericsson Device 916 driver (WDM);C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496]

S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]

S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]

S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]

S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s916obex.sys [2007-11-02 100008]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb2b9f9a-6148-11dd-aee6-000b6b6fbb93}]

\Shell\AutoRun\command - J:\InstallTomTomHOME.exe

.

Contenu du dossier 'Tƒches planifi‚es'

.

- - - - ORPHELINS SUPPRIMES - - - -

 

BHO-{DA36B03D-7DFD-5D29-FD3A-0EA296CF4ECA} - C:\WINDOWS\system32\ujohp.dll

HKCU-Run-Lmda - C:\WINDOWS\system32\STEM~1\dllhost.exe

HKLM-Run-iewcm - c:\windows\system32\iewcm.exe

ShellExecuteHooks-{2935C200-7E7D-4257-B9D4-EE75BAA206C9} - (no file)

MSConfigStartUp-Adobe Photo Downloader - C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

MSConfigStartUp-BM6b1f2be7 - C:\WINDOWS\system32\klmwahpm.dll

MSConfigStartUp-gwdwin - C:\Program Files\skmw\gwdwin.exe

MSConfigStartUp-mwstwn - C:\Program Files\dwimn\mwstwn.exe

MSConfigStartUp-ReJf5vH - C:\Documents and Settings\alexandra louveau\Application Data\Microsoft\Windows\jifvfuxy.exe

MSConfigStartUp-runner1 - C:\WINDOWS\faceback.exe

MSConfigStartUp-SfKg6wIP - C:\Documents and Settings\alexandra louveau\Application Data\Microsoft\Windows\tgagw.exe

MSConfigStartUp-SfKg6wIPu - C:\Documents and Settings\alexandra louveau\Application Data\Microsoft\Windows\tvxkpsv.exe

MSConfigStartUp-SpeedRunner - C:\Documents and Settings\alexandra louveau\Application Data\SpeedRunner\SpeedRunner.exe

MSConfigStartUp-St - C:\Windows\st\st.exe

MSConfigStartUp-SurfAccuracy - C:\Documents and Settings\alexandra louveau\Application Data\SurfAccuracy\SAcc.exe

MSConfigStartUp-SystrayORAHSS - C:\Program Files\OrangeHSS\Systray\SystrayApp.exe

MSConfigStartUp-Twain - C:\Program Files\Twain\Twain.exe

MSConfigStartUp-webHancer Agent - C:\Program Files\webHancer\Programs\whagent.exe

MSConfigStartUp-WinButler - C:\Documents and Settings\alexandra louveau\Application Data\WinButler\WinButler.exe

 

 

.

------- Examen suppl‚mentaire -------

.

R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

R0 -: HKCU-Main,Start Page = hxxp://www.orange.fr

R0 -: HKCU-Main,Default_Search_URL = hxxp://www.google.com/ie

R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s

O8 -: &Search

O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 -: { - C:\Program Files\Messenger\msmsgs.exe

O17 -: HKLM\CCS\Interface\{3EEF2D7A-86AA-405F-B14F-467493A062DE}: NameServer = 80.10.246.2,80.10.246.129

 

O16 -: {029FDBA6-3547-11D7-AA4C-0050BF051A00} - hxxp://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab

C:\WINDOWS\Downloaded Program Files\Rawflow.ocx

 

O16 -: {1D6E056F-D1BB-40F6-88E4-11EE98056FD2} - hxxp://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab

C:\WINDOWS\Downloaded Program Files\OberonGameHost_dbg.inf

C:\WINDOWS\Downloaded Program Files\OberonGameHost.dll

 

O16 -: {5308E02B-4ABA-48E4-AA9E-8A7693661473} - hxxp://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab

C:\WINDOWS\Downloaded Program Files\GameAx.inf

C:\WINDOWS\Downloaded Program Files\GameEvents.dll

C:\WINDOWS\Downloaded Program Files\GameAx.dll

 

O16 -: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} - hxxp://www.wistiti.fr/ImageUploader4.cab

C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ImageUploader4.inf

C:\WINDOWS\system32\unicows.dll

C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ImageUploader4.ocx

 

O16 -: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader5.cab

C:\WINDOWS\Downloaded Program Files\ImageUploader5.inf

C:\WINDOWS\system32\unicows.dll

C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx

 

O16 -: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} - hxxp://www.photoways.com/assets/aurigma/ImageUploader4.cab

C:\WINDOWS\Downloaded Program Files\ImageUploader4.inf

C:\WINDOWS\system32\unicows.dll

C:\WINDOWS\Downloaded Program Files\ImageUploader4.ocx

 

O16 -: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} - hxxp://jeuxenligne.orange.fr/orange2.0/OnlineHSS/zuma/Popcap.cab

C:\WINDOWS\Downloaded Program Files\Popcap.inf

C:\WINDOWS\Downloaded Program Files\Popcap.dll

 

O16 -: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab

C:\WINDOWS\Downloaded Program Files\imikimi_cab.inf

 

O16 -: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://wanadoofr.oberon-media.com/online2/diner_dash/DinerDash.1.0.0.58.cab

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58.inf

C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58.dll

.

 

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-14 20:11:18

Windows 5.1.2600 Service Pack 2 NTFS

 

Recherche de processus cach‚s ...

 

Recherche d'‚l‚ments en d‚marrage automatique cach‚s ...

 

Recherche de fichiers cach‚s ...

 

Scan termin‚ avec succŠs

Fichiers cach‚s: 0

 

**************************************************************************

.

------------------------ Autres processus actifs ------------------------

.

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\system32\FTRTSVC.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\MagicTune Premium\MagicTuneEngine.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\PSIService.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Google\Google Updater\GoogleUpdater.exe

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\PROGRA~1\Wanadoo\Toaster.exe

C:\PROGRA~1\Wanadoo\Inactivity.exe

C:\PROGRA~1\Wanadoo\PollingModule.exe

C:\Program Files\MagicTune Premium\MagicTune.exe

.

**************************************************************************

.

Heure de fin: 2008-09-14 20:20:43 - La machine a red‚marr‚

ComboFix-quarantined-files.txt 2008-09-14 18:20:40

 

Avant-CF: 100,140,875,776 octets libres

AprŠs-CF: 105,814,761,472 octets libres

 

571 --- E O F --- 2008-09-10 15:51:59

 

 

voilà le rapport demandé chef !!! lol

Lien vers le commentaire
Partager sur d’autres sites

Bien, mais il en reste un peu.

 

  • Nous allons installer la Console de Récupération sur ton pc. Cela permettra de réparer ton système au cas où le pc ne redémarrerait plus suite à la désinfection.
     
  • Lorsque tu as cliqué sur le lien correspondant à la version de ton Windows, tu seras dirigé sur une page: clique sur le bouton Télécharger afin de récupérer le package d'installation et enregistre ce fichier sur le bureau. Ne modifie pas le nom du fichier surtout!
     
    Windows XP Service Pack 2 (SP2) >
     
    Microsoft Windows XP Édition familiale SP2
     
  • Fait un glisser/déposer de ce fichier sur le fichier ComboFix.exe comme sur la capture >
    img-191142280s3.gif
  • Suis les indications à l'écran pour lancer ComboFix et lorsqu'on te le demande, accepte le Contrat de Licence d'Utilisateur Final pour installer la Console de Récupération Microsoft.
  • Lorsque ce sera terminé, un message te disant que la Console a bien été installée apparait, puis un rapport nommé CF_RC.txt va s'afficher: poste le contenu de ce rapport.
  • Note > à présent lorsque tu démarreras ton pc, tu auras un choix à faire: soit démarrer Windows normalement, ou utiliser la Console de Récupération.

 

Ajoute un rapport HijackThis aussi stp.

Lien vers le commentaire
Partager sur d’autres sites

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...