Infected PC, hitachi and avg reports done, what do
Solved
marjo31
Hello,
I did a cleanup with ccleaner and made a report with avg and hitachi, but now I don't know what I should do. I no longer have an antivirus: there is no way to remove avast to install Kaspersky, and I can't manage to reinstall avast either. Could someone please help me find out what I should do? I am sending you the hitachi and avg reports. Thank you.
Logfile of HijackThis v1.99.1
Scan saved at 8:37:07, on 12/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AGEIA Technologies\TrayIcon.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Defenza\pcd-as.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jucheck.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/nl-be?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 301P
O4 - HKLM\..\Run: [Control Kids] C:\Program Files\Control Kids\Control kids.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCDAS] C:\Program Files\Defenza\pcd-as.exe /10003
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
and avg
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 9:33:14 12/12/2008
+ Résultat de l'analyse:
HKU\S-1-5-21-1045004141-474808527-140331961-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB} -> Adware.Generic : Aucune action entreprise.
C:\WINDOWS\system32\tdsspopup.dll -> Backdoor.UltimateDefender : Aucune action entreprise.
C:\WINDOWS\system32\18D.tmp -> Not-A-Virus.PUP.XPAntivirus.qj : Aucune action entreprise.
C:\WINDOWS\system32\26B.tmp -> Not-A-Virus.PUP.XPAntivirus.qj : Aucune action entreprise.
C:\WINDOWS\system32\29E.tmp -> Not-A-Virus.PUP.XPAntivirus.qj : Aucune action entreprise.
C:\WINDOWS\system32\29F.tmp -> Not-A-Virus.PUP.XPAntivirus.qj : Aucune action entreprise.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@atdmt[1].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
Fin du rapport
149 replies
OK, I'll do that, but right now I absolutely have to leave and will be back this evening. A thousand apologies, but I absolutely cannot postpone it.
See you later.
No problem, don't worry, we'll do it as soon as you're available! No trouble between us, we all have a life. (-_-) See you when you can!
OK, I'm back. I made the report with combofix exactly as it was written and I'm posting the report; only I forgot to turn the antivirus back on, and the anti-spyware tools start automatically. Oh yes, at one point it told me that a console was missing, but I didn't dare accept because I would have had to reconnect. I don't know whether I did the right thing or not; being in doubt, I didn't do it.
ComboFix 08-12-12.01 - HP_Propriétaire 2008-12-12 22:14:43.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1569 [GMT 1:00]
Lancé depuis: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008
c:\documents and settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\How to Register Antivirus XP 2008.lnk
c:\documents and settings\HP_Propriétaire\Application Data\inst.exe
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\cup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\customer_cup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\heart.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\menu_down.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\menu_up.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\plates.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\ticket.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\accessories\tray.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\music\mainmenumusic.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_bring_check_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_diner.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_food_ready_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_gain_heart_1.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_pencil_write_2.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_rollover_1.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\audio\sfx\sfx_seat_people_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\choosedifficulty.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\credits.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\flo_lose.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\flo_win.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\help1.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\help2.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\highscores.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\levelintro.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\levelintro_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\levelover.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\levelover_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\mainmenu.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\popup.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\popup_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\upgradegrid.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\upgradetitle.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\backgrounds\upsell.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\arrowleft_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\arrowleft_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\arrowright_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\arrowright_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\back_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\back_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\backchalk.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\backchalkup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\backtomenu_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\backtomenu_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\assets\buttons\cancel.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\dinerdash.exe
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Legacy_SYSREST.SYS
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-12 au 2008-12-12 ))))))))))))))))))))))))))))))))))))
.
2008-12-12 15:10 . 2008-12-12 15:11 <REP> d-------- c:\windows\ERUNT
2008-12-12 10:45 . 2008-12-12 10:46 1,393 --a------ c:\windows\imsins.BAK
2008-12-12 10:33 . 2005-10-20 20:05 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage réseau
2008-12-12 10:33 . 2005-10-20 20:05 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression
2008-12-12 10:33 . 2007-12-15 17:40 <REP> d--h----- c:\documents and settings\Administrateur\Modèles
2008-12-12 10:33 . 2005-10-20 20:05 <REP> d-------- c:\documents and settings\Administrateur\Mes documents
2008-12-12 10:33 . 2007-12-15 17:40 <REP> d-------- c:\documents and settings\Administrateur\Menu Démarrer
2008-12-12 10:33 . 2007-12-15 18:43 <REP> d-------- c:\documents and settings\Administrateur\Favoris
2008-12-12 10:33 . 2005-10-20 20:05 <REP> d-------- c:\documents and settings\Administrateur\Bureau
2008-12-12 10:33 . 2008-12-12 10:33 <REP> d-------- c:\documents and settings\Administrateur
2008-12-12 10:23 . 2008-12-12 15:44 <REP> d-------- C:\SDFix
2008-12-12 09:57 . 2008-12-12 09:57 <REP> d-------- c:\program files\Trend Micro
2008-12-12 09:57 . 2008-12-12 09:57 812,344 --a------ C:\HJTInstall.exe
2008-12-11 09:39 . 2008-12-11 09:39 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-12-11 08:29 . 2008-12-11 08:29 <REP> d-------- c:\program files\Fichiers communs\xing shared
2008-12-11 08:29 . 2008-12-11 08:29 <REP> d-------- c:\program files\Fichiers communs\TiVo Shared
2008-12-11 08:29 . 2008-12-11 08:29 <REP> d-------- c:\program files\Fichiers communs\SureThing Shared
2008-12-11 08:28 . 2008-12-11 08:28 <REP> d-------- c:\windows\Setup2K
2008-12-11 08:28 . 2008-12-11 08:28 <REP> d-------- C:\Speed.1994.NTSC.MULTi.DVDR-Manix123
2008-12-11 08:28 . 2008-12-11 08:28 <REP> d-------- c:\program files\SmartSound Software
2008-12-11 08:28 . 2008-12-11 08:28 <REP> d-------- c:\documents and settings\All Users\Application Data\SmartSound Software Inc
2008-12-11 08:27 . 2008-12-11 08:27 <REP> d-------- c:\program files\BoontyGames
2008-12-11 08:27 . 2008-12-11 08:27 <REP> d-------- c:\program files\adslTV
2008-12-09 21:46 . 2008-12-09 21:46 1,440,054 --a------ c:\windows\Papier-peint-PhotoFiltre.bmp
2008-12-09 10:41 . 2008-12-11 08:28 <REP> d-------- c:\program files\PhotoFiltre Studio
2008-12-08 08:17 . 2008-12-08 08:17 <REP> d-------- c:\documents and settings\All Users\Application Data\muvee Technologies
2008-12-07 19:20 . 2008-12-07 19:29 <REP> d-------- C:\VIDEO_TS
2008-12-05 22:44 . 2008-12-05 22:44 172 ---h----- c:\windows\formacd.id
2008-12-05 19:08 . 2008-12-05 19:08 <REP> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2008-12-05 16:12 . 2008-12-11 10:10 <REP> d-------- c:\program files\Fichiers communs\Adobe
2008-12-05 11:10 . 2000-09-19 13:49 <REP> d-------- C:\_system_
2008-12-05 11:09 . 2000-09-19 13:49 <REP> d-------- C:\moonshl
2008-12-05 10:16 . 2008-12-05 10:16 <REP> d-------- c:\documents and settings\All Users\Application Data\vsosdk
2008-12-05 09:24 . 2004-05-04 12:53 1,645,320 --a------ c:\windows\gdiplus.dll
2008-12-05 09:24 . 2006-05-20 17:16 1,184,984 --a------ c:\windows\system32\wvc1dmod.dll
2008-12-05 09:24 . 2006-05-11 20:21 626,688 --a------ c:\windows\system32\vp7vfw.dll
2008-12-05 09:24 . 2006-09-29 13:24 217,127 --a------ c:\windows\system32\drv43260.dll
2008-12-05 09:24 . 2006-09-29 13:25 208,935 --a------ c:\windows\system32\drv33260.dll
2008-12-05 09:24 . 2006-09-29 13:26 176,165 --a------ c:\windows\system32\drv23260.dll
2008-12-05 09:24 . 2007-03-18 21:37 65,602 --a------ c:\windows\system32\cook3260.dll
2008-12-05 09:24 . 2008-12-05 09:24 47,360 --a------ c:\documents and settings\HP_Propriétaire\Application Data\pcouffin.sys
2008-11-29 17:19 . 2008-11-29 17:19 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Sonic
2008-11-29 17:19 . 2008-11-29 17:19 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Leadertech
2008-11-28 08:33 . 2008-12-05 09:53 <REP> d-------- c:\documents and settings\All Users\Application Data\RapidSolution
2008-11-26 11:34 . 2007-12-10 11:41 33,792 --a------ C:\fff-reflexv2.exe
2008-11-25 09:54 . 2008-11-25 09:57 <REP> d-------- c:\documents and settings\All Users\Application Data\FarmFrenzy2
2008-11-25 09:50 . 2008-11-25 09:50 <REP> d-------- c:\program files\orange
2008-11-25 09:50 . 2008-11-25 09:52 <REP> d-------- c:\program files\Oberon Media
2008-11-25 09:50 . 2008-11-25 09:50 <REP> d-------- c:\program files\GamesBar
2008-11-25 09:50 . 2008-11-25 09:50 <REP> d-------- c:\program files\Fichiers communs\Oberon Media
2008-11-25 09:49 . 2008-07-12 00:24 <REP> d-------- C:\Crack
2008-11-25 09:49 . 2008-11-23 15:10 36,977,616 --a------ C:\farm_frenzy_2-setup.exe
2008-11-24 11:00 . 2008-11-24 11:00 <REP> d-------- c:\windows\Applian FLV Player
2008-11-24 11:00 . 2008-11-24 11:00 <REP> d-------- c:\windows\7 Wonders Treasures of Seven
2008-11-24 11:00 . 2008-11-24 11:00 <REP> d-------- c:\program files\FLV Player
2008-11-24 11:00 . 2008-12-10 21:59 <REP> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-11-19 21:13 . 2008-11-19 21:13 36,888 --a------ C:\lpj_v.gadget
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-12 21:13 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\uTorrent
2008-12-11 09:10 --------- d-----w c:\program files\Fichiers communs\Macrovision Shared
2008-12-11 08:42 --------- d-----w c:\program files\Yu-Gi-Oh Virtual Battle 5
2008-12-11 08:40 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Vso
2008-12-11 07:29 --------- d-----w c:\program files\Fichiers communs\Sonic Shared
2008-12-08 07:37 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-08 07:27 --------- d-----w c:\program files\Fichiers communs\Real
2008-12-08 07:12 --------- d-----w c:\program files\Sonic
2008-12-05 08:24 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-12-05 08:24 --------- d-----w c:\program files\vso
2008-12-03 20:28 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\VSO_HWE
2008-11-26 07:41 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Wildfire
2008-11-24 10:00 --------- d-----w c:\program files\7 Wonders Treasures of Seven
2008-11-24 09:59 --------- d-----w c:\program files\Heidi
2008-11-11 20:53 --------- d-----w c:\documents and settings\All Users\Application Data\MumboJumbo
2008-11-09 14:31 --------- d-----w c:\program files\Mindscape
2008-11-07 15:19 --------- d-----w c:\program files\EA GAMES
2008-11-06 09:36 --------- d-----w c:\program files\Activision
2008-10-28 14:18 --------- d-----w c:\program files\MAGIX
2008-10-28 14:18 --------- d-----w c:\documents and settings\All Users\Application Data\MAGIX
2008-10-28 14:17 --------- d-----w c:\program files\Fichiers communs\Adobe(2)
2008-10-28 14:17 --------- d-----w c:\documents and settings\All Users\Application Data\Adobe(2)
2008-10-28 14:13 --------- d-----w c:\program files\LimeWire
2008-10-28 14:13 --------- d-----w c:\program files\Doom 3
2008-10-28 14:13 --------- d-----w c:\program files\Alwil Software
2008-10-28 14:05 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\RayV
2008-10-28 14:03 --------- d-----w c:\program files\Burger Shop
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\dllcache\gdi32.dll
2008-10-20 06:53 --------- d-----w c:\program files\Alwil Software(2)
2008-10-17 00:48 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:59 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 14:30 --------- d-----w c:\program files\Fichiers communs\MAGIX Shared
2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-10-03 10:17 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-10-03 10:17 247,326 ----a-w c:\windows\system32\dllcache\strmdll.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k(2)(2).sys
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\dllcache\win32k.sys
2000-06-14 10:46 307,200 ----a-w c:\documents and settings\autorun\autorun.exe
2008-01-13 21:03 88 --sh--r c:\windows\system32\14F00179EA.sys
2008-01-13 21:03 2,516 --sha-w c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-30 68856]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2008-02-01 219952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-02-14 7557120]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"PCMService"="c:\program files\CyberLink\PowerCinema\PCMService.exe" [2006-02-25 147456]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-12-15 49152]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"AGEIA PhysX SysTray"="c:\program files\AGEIA Technologies\TrayIcon.exe" [2006-03-20 331776]
"BigDogPath"="c:\windows\VM_STI.EXE" [2003-01-21 40960]
"Control Kids"="c:\program files\Control Kids\Control kids.exe" [2005-03-03 2899456]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-07-12 180269]
"PCDAS"="c:\program files\Defenza\pcd-as.exe" [2006-12-15 1359872]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 c:\windows\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2006-02-14 c:\windows\system32\nwiz.exe]
c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-07-12 27136]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VP40"= vp4vfw.dll
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll
"vidc.vp31"= vp31vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\[Emoticons-plus.com] Winkaa 2.0.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Heidi\\Heidi_Release.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-09-05 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-09-05 20560]
R3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2006-07-12 2825088]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
Contenu du dossier 'Tâches planifiées'
2008-12-12 c:\windows\Tasks\A840AB4B934B223F.job
- c:\docume~1\hp_pro~1\applic~1\clockc~1\delete balm idle.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -
HKLM-Run-avast! - c:\progra~1\ALWILS~1\Avast4\ashDisp.exe
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.be/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_BE&c=63&bd=PAVILION&pf=desktop
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_BE&c=63&bd=PAVILION&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Filter: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - c:\windows\system32\controlkids2.dll
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80.dll - O16 -: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6}
hxxp://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-12 22:17:56
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\windows\system32\drivers\CDAC11BA.EXE
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PSIService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wdfmgr.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-12-12 22:20:05 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-12 21:20:02
Avant-CF: 83.883.597.824 octets libres
Après-CF: 83,820,347,392 octets libres
555 --- E O F --- 2008-12-12 09:46:15
ComboFix 08-12-12.01 - HP_Propriétaire 2008-12-12 22:14:43.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1569 [GMT 1:00]
Lancé depuis: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008
c:\documents and settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\How to Register Antivirus XP 2008.lnk
c:\documents and settings\HP_Propriétaire\Application Data\inst.exe
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80\dinerdash.exe
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Legacy_SYSREST.SYS
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-12 au 2008-12-12 ))))))))))))))))))))))))))))))))))))
.
2008-12-12 15:10 . 2008-12-12 15:11 <REP> d-------- c:\windows\ERUNT
2008-12-12 10:45 . 2008-12-12 10:46 1,393 --a------ c:\windows\imsins.BAK
2008-12-12 10:33 . 2005-10-20 20:05 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage réseau
2008-12-12 10:33 . 2005-10-20 20:05 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression
2008-12-12 10:33 . 2007-12-15 17:40 <REP> d--h----- c:\documents and settings\Administrateur\Modèles
2008-12-12 10:33 . 2005-10-20 20:05 <REP> d-------- c:\documents and settings\Administrateur\Mes documents
2008-12-12 10:33 . 2007-12-15 17:40 <REP> d-------- c:\documents and settings\Administrateur\Menu Démarrer
2008-12-12 10:33 . 2007-12-15 18:43 <REP> d-------- c:\documents and settings\Administrateur\Favoris
2008-12-12 10:33 . 2005-10-20 20:05 <REP> d-------- c:\documents and settings\Administrateur\Bureau
2008-12-12 10:33 . 2008-12-12 10:33 <REP> d-------- c:\documents and settings\Administrateur
2008-12-12 10:23 . 2008-12-12 15:44 <REP> d-------- C:\SDFix
2008-12-12 09:57 . 2008-12-12 09:57 <REP> d-------- c:\program files\Trend Micro
2008-12-12 09:57 . 2008-12-12 09:57 812,344 --a------ C:\HJTInstall.exe
2008-12-11 09:39 . 2008-12-11 09:39 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-12-11 08:29 . 2008-12-11 08:29 <REP> d-------- c:\program files\Fichiers communs\xing shared
2008-12-11 08:29 . 2008-12-11 08:29 <REP> d-------- c:\program files\Fichiers communs\TiVo Shared
2008-12-11 08:29 . 2008-12-11 08:29 <REP> d-------- c:\program files\Fichiers communs\SureThing Shared
2008-12-11 08:28 . 2008-12-11 08:28 <REP> d-------- c:\windows\Setup2K
2008-12-11 08:28 . 2008-12-11 08:28 <REP> d-------- C:\Speed.1994.NTSC.MULTi.DVDR-Manix123
2008-12-11 08:28 . 2008-12-11 08:28 <REP> d-------- c:\program files\SmartSound Software
2008-12-11 08:28 . 2008-12-11 08:28 <REP> d-------- c:\documents and settings\All Users\Application Data\SmartSound Software Inc
2008-12-11 08:27 . 2008-12-11 08:27 <REP> d-------- c:\program files\BoontyGames
2008-12-11 08:27 . 2008-12-11 08:27 <REP> d-------- c:\program files\adslTV
2008-12-09 21:46 . 2008-12-09 21:46 1,440,054 --a------ c:\windows\Papier-peint-PhotoFiltre.bmp
2008-12-09 10:41 . 2008-12-11 08:28 <REP> d-------- c:\program files\PhotoFiltre Studio
2008-12-08 08:17 . 2008-12-08 08:17 <REP> d-------- c:\documents and settings\All Users\Application Data\muvee Technologies
2008-12-07 19:20 . 2008-12-07 19:29 <REP> d-------- C:\VIDEO_TS
2008-12-05 22:44 . 2008-12-05 22:44 172 ---h----- c:\windows\formacd.id
2008-12-05 19:08 . 2008-12-05 19:08 <REP> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2008-12-05 16:12 . 2008-12-11 10:10 <REP> d-------- c:\program files\Fichiers communs\Adobe
2008-12-05 11:10 . 2000-09-19 13:49 <REP> d-------- C:\_system_
2008-12-05 11:09 . 2000-09-19 13:49 <REP> d-------- C:\moonshl
2008-12-05 10:16 . 2008-12-05 10:16 <REP> d-------- c:\documents and settings\All Users\Application Data\vsosdk
2008-12-05 09:24 . 2004-05-04 12:53 1,645,320 --a------ c:\windows\gdiplus.dll
2008-12-05 09:24 . 2006-05-20 17:16 1,184,984 --a------ c:\windows\system32\wvc1dmod.dll
2008-12-05 09:24 . 2006-05-11 20:21 626,688 --a------ c:\windows\system32\vp7vfw.dll
2008-12-05 09:24 . 2006-09-29 13:24 217,127 --a------ c:\windows\system32\drv43260.dll
2008-12-05 09:24 . 2006-09-29 13:25 208,935 --a------ c:\windows\system32\drv33260.dll
2008-12-05 09:24 . 2006-09-29 13:26 176,165 --a------ c:\windows\system32\drv23260.dll
2008-12-05 09:24 . 2007-03-18 21:37 65,602 --a------ c:\windows\system32\cook3260.dll
2008-12-05 09:24 . 2008-12-05 09:24 47,360 --a------ c:\documents and settings\HP_Propriétaire\Application Data\pcouffin.sys
2008-11-29 17:19 . 2008-11-29 17:19 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Sonic
2008-11-29 17:19 . 2008-11-29 17:19 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Leadertech
2008-11-28 08:33 . 2008-12-05 09:53 <REP> d-------- c:\documents and settings\All Users\Application Data\RapidSolution
2008-11-26 11:34 . 2007-12-10 11:41 33,792 --a------ C:\fff-reflexv2.exe
2008-11-25 09:54 . 2008-11-25 09:57 <REP> d-------- c:\documents and settings\All Users\Application Data\FarmFrenzy2
2008-11-25 09:50 . 2008-11-25 09:50 <REP> d-------- c:\program files\orange
2008-11-25 09:50 . 2008-11-25 09:52 <REP> d-------- c:\program files\Oberon Media
2008-11-25 09:50 . 2008-11-25 09:50 <REP> d-------- c:\program files\GamesBar
2008-11-25 09:50 . 2008-11-25 09:50 <REP> d-------- c:\program files\Fichiers communs\Oberon Media
2008-11-25 09:49 . 2008-07-12 00:24 <REP> d-------- C:\Crack
2008-11-25 09:49 . 2008-11-23 15:10 36,977,616 --a------ C:\farm_frenzy_2-setup.exe
2008-11-24 11:00 . 2008-11-24 11:00 <REP> d-------- c:\windows\Applian FLV Player
2008-11-24 11:00 . 2008-11-24 11:00 <REP> d-------- c:\windows\7 Wonders Treasures of Seven
2008-11-24 11:00 . 2008-11-24 11:00 <REP> d-------- c:\program files\FLV Player
2008-11-24 11:00 . 2008-12-10 21:59 <REP> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-11-19 21:13 . 2008-11-19 21:13 36,888 --a------ C:\lpj_v.gadget
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-12 21:13 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\uTorrent
2008-12-11 09:10 --------- d-----w c:\program files\Fichiers communs\Macrovision Shared
2008-12-11 08:42 --------- d-----w c:\program files\Yu-Gi-Oh Virtual Battle 5
2008-12-11 08:40 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Vso
2008-12-11 07:29 --------- d-----w c:\program files\Fichiers communs\Sonic Shared
2008-12-08 07:37 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-08 07:27 --------- d-----w c:\program files\Fichiers communs\Real
2008-12-08 07:12 --------- d-----w c:\program files\Sonic
2008-12-05 08:24 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-12-05 08:24 --------- d-----w c:\program files\vso
2008-12-03 20:28 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\VSO_HWE
2008-11-26 07:41 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Wildfire
2008-11-24 10:00 --------- d-----w c:\program files\7 Wonders Treasures of Seven
2008-11-24 09:59 --------- d-----w c:\program files\Heidi
2008-11-11 20:53 --------- d-----w c:\documents and settings\All Users\Application Data\MumboJumbo
2008-11-09 14:31 --------- d-----w c:\program files\Mindscape
2008-11-07 15:19 --------- d-----w c:\program files\EA GAMES
2008-11-06 09:36 --------- d-----w c:\program files\Activision
2008-10-28 14:18 --------- d-----w c:\program files\MAGIX
2008-10-28 14:18 --------- d-----w c:\documents and settings\All Users\Application Data\MAGIX
2008-10-28 14:17 --------- d-----w c:\program files\Fichiers communs\Adobe(2)
2008-10-28 14:17 --------- d-----w c:\documents and settings\All Users\Application Data\Adobe(2)
2008-10-28 14:13 --------- d-----w c:\program files\LimeWire
2008-10-28 14:13 --------- d-----w c:\program files\Doom 3
2008-10-28 14:13 --------- d-----w c:\program files\Alwil Software
2008-10-28 14:05 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\RayV
2008-10-28 14:03 --------- d-----w c:\program files\Burger Shop
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\dllcache\gdi32.dll
2008-10-20 06:53 --------- d-----w c:\program files\Alwil Software(2)
2008-10-17 00:48 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:59 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 14:30 --------- d-----w c:\program files\Fichiers communs\MAGIX Shared
2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-10-03 10:17 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-10-03 10:17 247,326 ----a-w c:\windows\system32\dllcache\strmdll.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k(2)(2).sys
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\dllcache\win32k.sys
2000-06-14 10:46 307,200 ----a-w c:\documents and settings\autorun\autorun.exe
2008-01-13 21:03 88 --sh--r c:\windows\system32\14F00179EA.sys
2008-01-13 21:03 2,516 --sha-w c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-30 68856]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2008-02-01 219952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-02-14 7557120]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"PCMService"="c:\program files\CyberLink\PowerCinema\PCMService.exe" [2006-02-25 147456]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-12-15 49152]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"AGEIA PhysX SysTray"="c:\program files\AGEIA Technologies\TrayIcon.exe" [2006-03-20 331776]
"BigDogPath"="c:\windows\VM_STI.EXE" [2003-01-21 40960]
"Control Kids"="c:\program files\Control Kids\Control kids.exe" [2005-03-03 2899456]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-07-12 180269]
"PCDAS"="c:\program files\Defenza\pcd-as.exe" [2006-12-15 1359872]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 c:\windows\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2006-02-14 c:\windows\system32\nwiz.exe]
c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-07-12 27136]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VP40"= vp4vfw.dll
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll
"vidc.vp31"= vp31vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\[Emoticons-plus.com] Winkaa 2.0.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Heidi\\Heidi_Release.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-09-05 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-09-05 20560]
R3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2006-07-12 2825088]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
Contenu du dossier 'Tâches planifiées'
2008-12-12 c:\windows\Tasks\A840AB4B934B223F.job
- c:\docume~1\hp_pro~1\applic~1\clockc~1\delete balm idle.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -
HKLM-Run-avast! - c:\progra~1\ALWILS~1\Avast4\ashDisp.exe
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.be/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_BE&c=63&bd=PAVILION&pf=desktop
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_BE&c=63&bd=PAVILION&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Filter: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - c:\windows\system32\controlkids2.dll
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80.dll - O16 -: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6}
hxxp://gamenextfr.oberon-media.com/online/online2/diner_dash/DinerDash.1.0.0.80.cab
c:\windows\Downloaded Program Files\DinerDash.1.0.0.80.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-12 22:17:56
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\windows\system32\drivers\CDAC11BA.EXE
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PSIService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wdfmgr.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-12-12 22:20:05 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-12 21:20:02
Avant-CF: 83.883.597.824 octets libres
Après-CF: 83,820,347,392 octets libres
555 --- E O F --- 2008-12-12 09:46:15
OK, there are still quite a few infections left, so let's get stuck into them.
Open Notepad (right-click on the desktop > in the menu choose New, then New Text Document) and copy-paste what is quoted below (copy it all in one go, without the bars (X)):
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCDAS"=-
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Note: REGEDIT4 is on the first line and there is a blank line at the end.
Then click "File" / "Save As":
Save in: the desktop
File name: fix.reg
Save as type: "All Files"
Click "Save".
It should look like this once saved:
http://img520.imageshack.us/img520/4251/screenshot005ps2.png
Disconnect from the internet and double-click fix.reg => you must get the message "Are you sure you want to add the information in this .reg file to the registry?"
If so, click "Yes".
Next,
Download OTMoveIt3 by OldTimer to your desktop by clicking this link:
http://oldtimer.geekstogo.com/OTMoveIt3.exe
Double-click OTMoveIt3.exe to launch it.
Make sure the box next to "Unregister Dll's and Ocx's" is checked.
Copy the list in bold below,
and paste it into the left-hand pane of OTMoveIt: "Paste instructions for item to be moved".
:Processes
explorer.exe
:Services
:Reg
:Files
c:\program files\Defenza\pcd-as.exe
C:\Crack
c:\program files\BoontyGames
c:\program files\Oberon Media
c:\program files\Fichiers communs\Oberon Media
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Click "MoveIt!" to start the removal.
The result will appear in the "Results" pane.
Click "Exit" to close.
Post the report located in C:\_OTMoveIt\MovedFiles under the name xxxxxx_xxxxxxxxxx.log .
You may be asked to restart the PC to complete the removal. If so, accept with Yes.
Next,
Download Navilog1 from this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Choose "Save target as..." and save it to your desktop.
Then double-click navilog1.exe to start the installation.
Once the installation is finished, right-click the Navilog1 shortcut on your desktop.
At the main menu, choose option 1.
Follow the prompts and wait.
Wait until the message:
*** Analyse Termine le ..... ***
Press a key and Notepad will open.
--> Copy and paste the whole report into a reply.
Close Notepad.
Open which Notepad? I don't have one on the desktop, and I closed everything after sending the pasted report.
Is it normal that I can't see the end of the sentences in what you're telling me? I right-clicked on New, but then there was nothing further, so I opened a new folder, but I don't have any regedit 4.
For Notepad:
Start / All Programs / Accessories / Notepad
Copy and paste what is in bold here
(note that REGEDIT4 is on the first line!!)
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCDAS"=-
Note: REGEDIT4 is on the first line and there is a blank line at the end.
Then click "File" / "Save As":
Save in: the desktop
File name: fix.reg
Save as type: "All Files"
Click "Save".
It should look like this once saved:
http://img520.imageshack.us/img520/4251/screenshot005ps2.png
Disconnect from the internet and double-click fix.reg => you must get the message "Are you sure you want to add the information in this .reg file to the registry?"
If so, click "Yes".
Then carry on with the rest here, with OTMoveIt3.
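What merging the fix.reg file from the reply above would do, as an added example that is not part of the original post or of any tool named in the thread: a small Python reviewer that parses a REGEDIT4 file and lists each operation before it is double-clicked. The names `review_reg` and `matches_expected` and the `BAD_REG` sample are constructed for illustration; the end-of-file check mirrors the post's own requirement.

```python
import re

# Headers regedit accepts: REGEDIT4 (used in the post) and the version 5 form.
HEADERS = ("REGEDIT4", "Windows Registry Editor Version 5.00")
KEY_RE = re.compile(r"^\[(-?)(.+)\]$")                        # [KEY] or [-KEY]
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')  # "name"=data

RUN_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"

# fix.reg as given in the post: header on line 1, blank line at the end.
FIX_REG = "REGEDIT4\n[" + RUN_KEY + "]\n" + '"PCDAS"=-\n\n'

# Constructed counter-example: no header, a leading "-" that deletes the
# whole Run key instead of one value, and no line break at the end.
BAD_REG = "[-" + RUN_KEY + "]\n" + '"PCDAS"=-'


def review_reg(text):
    """Return (operations, problems) for the text of a .reg file.

    operations is a list of (action, key, value_name) tuples where action is
    'delete-key', 'delete-value' or 'set-value'; problems is a list of strings.
    """
    ops, problems = [], []
    lines = text.replace("\r\n", "\n").split("\n")
    start = 1 if lines[0].rstrip() in HEADERS else 0
    if start == 0:
        problems.append("line 1 is not a .reg header (REGEDIT4 expected)")
    if not text.endswith("\n"):
        problems.append("no line break after the last entry "
                        "(the post asks for a blank line at the end)")
    key = None
    continued = False  # True while inside a multi-line hex value
    for number, raw in enumerate(lines[start:], start=start + 1):
        line = raw.strip()
        if continued:
            continued = line.endswith("\\")
            continue
        if not line or line.startswith(";"):
            continue  # blank line or comment
        m = KEY_RE.match(line)
        if m:
            key = m.group(2)
            if m.group(1) == "-":  # [-KEY] removes the key and all it holds
                ops.append(("delete-key", key, None))
                key = None
            continue
        m = VALUE_RE.match(line)
        if m and key is not None:
            if m.group(1) == "@":
                name = "(Default)"
            else:
                name = m.group(1)[1:-1].replace('\\"', '"').replace("\\\\", "\\")
            data = m.group(2).strip()
            # "name"=- removes just that value; anything else writes data.
            ops.append(("delete-value" if data == "-" else "set-value", key, name))
            continued = data.endswith("\\")
            continue
        problems.append("line %d not understood: %r" % (number, line))
    return ops, problems


def matches_expected(text, expected_ops):
    """True only if the file is well formed and does exactly expected_ops."""
    ops, problems = review_reg(text)
    return not problems and ops == expected_ops


if __name__ == "__main__":
    for label, sample in (("fix.reg", FIX_REG), ("bad sample", BAD_REG)):
        ops, problems = review_reg(sample)
        print(label)
        for action, key, name in ops:
            print("  %-12s %s %s" % (action, key, name or ""))
        for problem in problems:
            print("  PROBLEM:", problem)
```

For the post's file the only operation listed is the removal of the `PCDAS` value from the HKLM Run key, which is the autostart entry for `c:\program files\Defenza\pcd-as.exe` shown in the ComboFix log.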
There, it's done. I'm posting the report.
Search Navipromo version 3.7.0 commencé le ven. 12/12/2008 à 23:41:29,76
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.40GHz )
BIOS : BIOS Date: 04/10/2006 Ver: 08.00.12
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 000000-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total:227 Go (Free:78 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
J:\ (USB)
L:\ (USB)
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\HP_Propriétaire\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\HP_Propriétaire\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche autres dossiers et fichiers connus :
A840AB4B934B223F.job trouvé ! Infection Lop possible non traitée par cet outil !
*** Analyse terminée le ven. 12/12/2008 à 23:44:56,90 ***
OK, here is what to do for the Lop infection:
- Download Lop S&D to your desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
- Double-click it to start the installation
- Double-click the Lop S&D shortcut on your desktop
- Select the language you want, then choose option 1 (Recherche / Search)
- Wait until the scan finishes
- Post the report it generates
Tutorial to help you: http://www.malekal.com//tutorial_Lop_SD.php
I'm going to get some rest. I'll look at this tomorrow. Have a good night.
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.40GHz )
BIOS : BIOS Date: 04/10/2006 Ver: 08.00.12
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 000000-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total:227 Go (Free:78 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
J:\ (USB)
L:\ (USB)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( sam. 13/12/2008| 0:19 )
--------------------\\ Listing des dossiers dans APPLIC~1
[26/10/2005|23:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[26/10/2005|23:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[11/12/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[28/10/2008|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe(2)
[29/11/2007|08:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[24/12/2007|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[31/12/2007|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[15/12/2007|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[25/11/2008|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
[05/12/2008|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[03/11/2007|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/09/2008|08:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[12/07/2006|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[12/07/2006|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[12/07/2006|21:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[11/12/2008|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[24/12/2007|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[28/10/2008|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[05/09/2008|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[27/11/2007|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/04/2008|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[11/11/2008|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
[08/12/2008|08:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[23/02/2008|08:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9
[28/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[31/10/2007|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[04/04/2008|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[19/02/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[05/12/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RapidSolution
[23/02/2008|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[12/07/2006|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[11/12/2008|08:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[12/07/2006|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[15/03/2008|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
[03/11/2007|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[10/12/2008|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[05/12/2008|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[15/12/2007|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[06/09/2008|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[26/10/2005|23:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[26/10/2005|23:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[11/12/2008|09:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[17/12/2007|16:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[28/12/2007|01:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ahead
[08/05/2008|07:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CLOCKCLOSECAMP
[31/12/2007|00:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Corel
[28/11/2007|22:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink
[24/08/2008|21:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\GameHouse
[03/11/2007|17:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[05/09/2008|08:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Grisoft
[24/11/2008|10:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[27/11/2007|19:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[05/12/2007|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[27/06/2008|10:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[31/12/2007|00:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InstallShield
[28/11/2007|20:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
[29/11/2008|17:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[24/08/2008|20:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\LimeWire
[03/11/2007|17:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[05/09/2008|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
[17/12/2007|09:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
[04/09/2008|20:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[27/06/2008|10:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Pirateville
[04/04/2008|19:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
[28/10/2008|15:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\RayV
[08/12/2008|08:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[31/10/2007|10:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Roxio
[29/11/2008|17:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[23/12/2007|22:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[01/11/2007|12:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\U3
[13/12/2008|00:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\uTorrent
[11/12/2008|09:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Vso
[03/12/2008|21:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\VSO_HWE
[26/11/2008|08:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Wildfire
[12/12/2008|15:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WinRAR
[27/06/2008|10:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Zylom
[28/10/2008|15:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[12/07/2006|20:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[26/10/2005|23:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[12/07/2006|21:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[12/07/2006|21:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[13/12/2008 00:00][--ah-----] C:\WINDOWS\tasks\A840AB4B934B223F.job
[12/12/2008 23:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
( A840AB4B934B223F.job )=( c:\docume~1\hp_pro~1\applic~1\clockc~1\deletebalmidle.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[24/11/2008|11:00] C:\Program Files\7 Wonders Treasures of Seven
[06/11/2008|10:36] C:\Program Files\Activision
[11/12/2008|10:08] C:\Program Files\Adobe
[11/12/2008|08:27] C:\Program Files\adslTV
[31/10/2007|16:49] C:\Program Files\AGEIA Technologies
[31/10/2007|11:56] C:\Program Files\Ahead
[09/07/2008|12:25] C:\Program Files\Alcohol Soft
[28/10/2008|15:13] C:\Program Files\Alwil Software
[20/10/2008|07:53] C:\Program Files\Alwil Software(2)
[28/10/2008|15:03] C:\Program Files\Burger Shop
[31/10/2007|12:30] C:\Program Files\CCleaner
[20/10/2005|20:06] C:\Program Files\ComPlus Applications
[05/09/2008|15:17] C:\Program Files\Control Kids
[13/01/2008|22:07] C:\Program Files\Corel
[12/07/2006|21:28] C:\Program Files\CyberLink
[24/08/2008|21:14] C:\Program Files\DAEMON Tools
[12/12/2008|23:30] C:\Program Files\Defenza
[05/01/2008|16:00] C:\Program Files\Digital-Jesters
[04/04/2008|19:29] C:\Program Files\Diner Dash 2
[10/12/2007|21:38] C:\Program Files\directx
[31/10/2007|12:21] C:\Program Files\DivX
[28/10/2008|15:13] C:\Program Files\Doom 3
[31/10/2007|11:47] C:\Program Files\DVD Decrypter
[07/11/2008|16:19] C:\Program Files\EA GAMES
[24/08/2008|21:14] C:\Program Files\EA SPORTS
[24/08/2008|21:12] C:\Program Files\Eidos
[01/11/2007|11:30] C:\Program Files\Electronic Arts
[27/11/2007|19:17] C:\Program Files\EM2801
[25/01/2008|16:26] C:\Program Files\Emoticons-plus.com
[12/12/2008|23:30] C:\Program Files\Fichiers communs
[24/11/2008|11:00] C:\Program Files\FLV Player
[15/03/2008|10:04] C:\Program Files\GameHouse
[25/11/2008|09:50] C:\Program Files\GamesBar
[24/08/2008|21:14] C:\Program Files\GameShadow
[04/11/2007|09:50] C:\Program Files\Google
[05/09/2008|08:37] C:\Program Files\Grisoft
[24/11/2008|10:59] C:\Program Files\Heidi
[12/07/2006|21:39] C:\Program Files\Hewlett-Packard
[12/07/2006|21:27] C:\Program Files\HP
[31/07/2008|14:36] C:\Program Files\Infogrames
[08/12/2008|08:37] C:\Program Files\InstallShield Installation Information
[12/12/2008|10:45] C:\Program Files\Internet Explorer
[24/08/2008|21:13] C:\Program Files\Java
[31/10/2007|11:46] C:\Program Files\Lavalys
[31/10/2007|11:42] C:\Program Files\Lavasoft
[28/10/2008|15:13] C:\Program Files\LimeWire
[28/10/2008|15:18] C:\Program Files\MAGIX
[05/09/2008|15:07] C:\Program Files\Malwarebytes' Anti-Malware
[31/10/2007|17:37] C:\Program Files\MC2
[25/08/2008|02:03] C:\Program Files\Messenger
[08/05/2008|07:03] C:\Program Files\Messenger Plus! Live
[27/11/2007|22:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/10/2005|23:36] C:\Program Files\microsoft frontpage
[12/12/2007|15:40] C:\Program Files\Microsoft Office
[09/11/2008|15:31] C:\Program Files\Mindscape
[26/10/2005|23:36] C:\Program Files\Movie Maker
[19/02/2008|08:37] C:\Program Files\MSN
[26/10/2005|23:36] C:\Program Files\MSN Gaming Zone
[03/11/2007|22:16] C:\Program Files\MSXML 4.0
[12/07/2006|21:30] C:\Program Files\muvee Technologies
[12/12/2008|23:48] C:\Program Files\Navilog1
[27/08/2008|20:46] C:\Program Files\Nestopia RPlus!
[26/10/2005|23:36] C:\Program Files\NetMeeting
[26/10/2005|23:36] C:\Program Files\Online Services
[25/11/2008|09:50] C:\Program Files\orange
[03/11/2007|22:19] C:\Program Files\Outlook Express
[12/07/2006|21:37] C:\Program Files\PC-Doctor 5 for Windows
[11/12/2008|08:28] C:\Program Files\PhotoFiltre Studio
[31/10/2007|13:00] C:\Program Files\Pinnacle
[24/08/2008|21:13] C:\Program Files\PopCap Games
[19/02/2008|18:07] C:\Program Files\QuickTime
[12/07/2006|21:24] C:\Program Files\Real
[29/12/2007|20:57] C:\Program Files\ReflexiveArcade
[31/10/2007|11:38] C:\Program Files\RegCleaner
[31/10/2007|12:22] C:\Program Files\Satsuki Decoder Pack
[12/07/2006|21:41] C:\Program Files\Services en ligne
[11/12/2008|08:28] C:\Program Files\SmartSound Software
[08/12/2008|08:12] C:\Program Files\Sonic
[12/12/2008|09:57] C:\Program Files\Trend Micro
[10/12/2007|21:38] C:\Program Files\Ubi Soft
[24/08/2008|21:13] C:\Program Files\Ubisoft
[20/10/2005|20:06] C:\Program Files\Uninstall Information
[27/11/2007|18:05] C:\Program Files\uTorrent
[31/10/2007|12:47] C:\Program Files\VirtualDJ
[17/02/2008|16:33] C:\Program Files\Vivendi Universal Games
[05/12/2008|09:24] C:\Program Files\vso
[27/11/2007|17:36] C:\Program Files\Windows Live
[03/11/2007|22:19] C:\Program Files\Windows Media Player
[26/10/2005|23:36] C:\Program Files\Windows NT
[20/10/2005|20:05] C:\Program Files\WindowsUpdate
[31/10/2007|12:27] C:\Program Files\WinRAR
[26/10/2005|23:37] C:\Program Files\xerox
[31/10/2007|12:21] C:\Program Files\XviD
[11/12/2008|09:42] C:\Program Files\Yu-Gi-Oh Virtual Battle 5
[10/08/2008|21:10] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[11/12/2008|10:10] C:\Program Files\Fichiers communs\Adobe
[28/10/2008|15:17] C:\Program Files\Fichiers communs\Adobe(2)
[31/10/2007|11:53] C:\Program Files\Fichiers communs\Ahead
[24/12/2007|21:32] C:\Program Files\Fichiers communs\BOONTY Shared
[27/01/2008|14:17] C:\Program Files\Fichiers communs\DirectX
[12/07/2006|21:14] C:\Program Files\Fichiers communs\Hewlett-Packard
[12/07/2006|21:11] C:\Program Files\Fichiers communs\HP
[12/07/2006|21:37] C:\Program Files\Fichiers communs\InstallShield
[12/07/2006|20:56] C:\Program Files\Fichiers communs\Java
[12/07/2006|21:26] C:\Program Files\Fichiers communs\LightScribe
[11/12/2008|10:10] C:\Program Files\Fichiers communs\Macrovision Shared
[15/10/2008|15:30] C:\Program Files\Fichiers communs\MAGIX Shared
[06/11/2008|10:41] C:\Program Files\Fichiers communs\Microsoft Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\MSSoap
[12/07/2006|21:30] C:\Program Files\Fichiers communs\muvee Technologies
[26/10/2005|23:35] C:\Program Files\Fichiers communs\ODBC
[08/12/2008|08:27] C:\Program Files\Fichiers communs\Real
[26/10/2005|23:35] C:\Program Files\Fichiers communs\Services
[11/12/2008|08:29] C:\Program Files\Fichiers communs\Sonic Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\SpeechEngines
[11/12/2008|08:29] C:\Program Files\Fichiers communs\SureThing Shared
[03/11/2007|11:03] C:\Program Files\Fichiers communs\Symantec Shared
[03/11/2007|22:19] C:\Program Files\Fichiers communs\System
[11/12/2008|08:29] C:\Program Files\Fichiers communs\TiVo Shared
[27/11/2007|17:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[11/12/2008|08:29] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 52 Processes )
iexplore.exe ~ [PID:580]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\HP_PRO~1\APPLIC~1\clockc~1
C:\WINDOWS\Tasks\A840AB4B934B223F.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-13 00:20:57
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 302
--------------------\\ Recherche d'autres infections
There, I'm amazing myself, I'm getting faster and faster lol
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Avast AntiVirus PRO Edition v4.8.1169 + Keygen + Skins.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Control Kids [controle parentale francais] v6.0. + Keygen.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Michael Schumacher World Tour Kart + crack.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\PhotoFiltre Studio 9 + Keygen[Team@QCP].rar.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Simpsons hit & run - jeu pc fr - 3cds iso + crack.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Zylom Games + crack a votre choix de choisir.torrent
[F:8][D:2]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:35][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:162][D:4]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - sam. 13/12/2008| 0:21 - Option : [1]
--------------------\\ Fin du rapport a 0:21:37
Hello, how are you?
Run Lop S&D again
This time choose option 2 (Suppression, i.e. Removal)
Do not close the window during the removal!
Post the generated report (C:\lopR.txt)
There, it's done, it goes quickly
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.40GHz )
BIOS : BIOS Date: 04/10/2006 Ver: 08.00.12
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 000000-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total:227 Go (Free:78 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
J:\ (USB)
L:\ (USB)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( sam. 13/12/2008|17:22 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\WINDOWS\Tasks\A840AB4B934B223F.job
Supprime! - C:\DOCUME~1\HP_PRO~1\APPLIC~1\clockc~1
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[26/10/2005|23:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[26/10/2005|23:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[11/12/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[28/10/2008|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe(2)
[29/11/2007|08:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[24/12/2007|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[31/12/2007|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[15/12/2007|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[25/11/2008|09:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
[05/12/2008|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[03/11/2007|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/09/2008|08:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[12/07/2006|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[12/07/2006|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[12/07/2006|21:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[11/12/2008|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[24/12/2007|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[28/10/2008|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[05/09/2008|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[27/11/2007|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/04/2008|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[11/11/2008|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
[08/12/2008|08:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[23/02/2008|08:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9
[28/12/2007|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[31/10/2007|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[04/04/2008|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[19/02/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[05/12/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RapidSolution
[23/02/2008|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[12/07/2006|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[11/12/2008|08:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[12/07/2006|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[15/03/2008|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
[03/11/2007|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[10/12/2008|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[05/12/2008|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
[15/12/2007|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[06/09/2008|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[26/10/2005|23:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[26/10/2005|23:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[11/12/2008|09:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[17/12/2007|16:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[28/12/2007|01:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ahead
[31/12/2007|00:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Corel
[28/11/2007|22:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink
[24/08/2008|21:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\GameHouse
[03/11/2007|17:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[05/09/2008|08:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Grisoft
[24/11/2008|10:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[27/11/2007|19:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[05/12/2007|18:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[27/06/2008|10:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[31/12/2007|00:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InstallShield
[28/11/2007|20:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
[29/11/2008|17:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[24/08/2008|20:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\LimeWire
[03/11/2007|17:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[05/09/2008|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
[17/12/2007|09:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
[04/09/2008|20:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[27/06/2008|10:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Pirateville
[04/04/2008|19:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PlayFirst
[28/10/2008|15:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\RayV
[08/12/2008|08:27] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[31/10/2007|10:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Roxio
[29/11/2008|17:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[23/12/2007|22:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[01/11/2007|12:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\U3
[13/12/2008|17:22] C:\DOCUME~1\HP_PRO~1\APPLIC~1\uTorrent
[11/12/2008|09:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Vso
[03/12/2008|21:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\VSO_HWE
[26/11/2008|08:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Wildfire
[12/12/2008|15:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WinRAR
[27/06/2008|10:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Zylom
[28/10/2008|15:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[12/07/2006|20:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[26/10/2005|23:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[12/07/2006|21:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[12/07/2006|21:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[13/12/2008 11:25][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 12:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[24/11/2008|11:00] C:\Program Files\7 Wonders Treasures of Seven
[06/11/2008|10:36] C:\Program Files\Activision
[11/12/2008|10:08] C:\Program Files\Adobe
[11/12/2008|08:27] C:\Program Files\adslTV
[31/10/2007|16:49] C:\Program Files\AGEIA Technologies
[31/10/2007|11:56] C:\Program Files\Ahead
[09/07/2008|12:25] C:\Program Files\Alcohol Soft
[28/10/2008|15:13] C:\Program Files\Alwil Software
[20/10/2008|07:53] C:\Program Files\Alwil Software(2)
[28/10/2008|15:03] C:\Program Files\Burger Shop
[31/10/2007|12:30] C:\Program Files\CCleaner
[20/10/2005|20:06] C:\Program Files\ComPlus Applications
[05/09/2008|15:17] C:\Program Files\Control Kids
[13/01/2008|22:07] C:\Program Files\Corel
[12/07/2006|21:28] C:\Program Files\CyberLink
[24/08/2008|21:14] C:\Program Files\DAEMON Tools
[12/12/2008|23:30] C:\Program Files\Defenza
[05/01/2008|16:00] C:\Program Files\Digital-Jesters
[04/04/2008|19:29] C:\Program Files\Diner Dash 2
[10/12/2007|21:38] C:\Program Files\directx
[31/10/2007|12:21] C:\Program Files\DivX
[28/10/2008|15:13] C:\Program Files\Doom 3
[31/10/2007|11:47] C:\Program Files\DVD Decrypter
[07/11/2008|16:19] C:\Program Files\EA GAMES
[24/08/2008|21:14] C:\Program Files\EA SPORTS
[24/08/2008|21:12] C:\Program Files\Eidos
[01/11/2007|11:30] C:\Program Files\Electronic Arts
[27/11/2007|19:17] C:\Program Files\EM2801
[25/01/2008|16:26] C:\Program Files\Emoticons-plus.com
[12/12/2008|23:30] C:\Program Files\Fichiers communs
[24/11/2008|11:00] C:\Program Files\FLV Player
[15/03/2008|10:04] C:\Program Files\GameHouse
[25/11/2008|09:50] C:\Program Files\GamesBar
[24/08/2008|21:14] C:\Program Files\GameShadow
[04/11/2007|09:50] C:\Program Files\Google
[05/09/2008|08:37] C:\Program Files\Grisoft
[24/11/2008|10:59] C:\Program Files\Heidi
[12/07/2006|21:39] C:\Program Files\Hewlett-Packard
[12/07/2006|21:27] C:\Program Files\HP
[31/07/2008|14:36] C:\Program Files\Infogrames
[08/12/2008|08:37] C:\Program Files\InstallShield Installation Information
[12/12/2008|10:45] C:\Program Files\Internet Explorer
[24/08/2008|21:13] C:\Program Files\Java
[31/10/2007|11:46] C:\Program Files\Lavalys
[31/10/2007|11:42] C:\Program Files\Lavasoft
[28/10/2008|15:13] C:\Program Files\LimeWire
[28/10/2008|15:18] C:\Program Files\MAGIX
[05/09/2008|15:07] C:\Program Files\Malwarebytes' Anti-Malware
[31/10/2007|17:37] C:\Program Files\MC2
[25/08/2008|02:03] C:\Program Files\Messenger
[08/05/2008|07:03] C:\Program Files\Messenger Plus! Live
[27/11/2007|22:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/10/2005|23:36] C:\Program Files\microsoft frontpage
[12/12/2007|15:40] C:\Program Files\Microsoft Office
[09/11/2008|15:31] C:\Program Files\Mindscape
[26/10/2005|23:36] C:\Program Files\Movie Maker
[19/02/2008|08:37] C:\Program Files\MSN
[26/10/2005|23:36] C:\Program Files\MSN Gaming Zone
[03/11/2007|22:16] C:\Program Files\MSXML 4.0
[12/07/2006|21:30] C:\Program Files\muvee Technologies
[12/12/2008|23:48] C:\Program Files\Navilog1
[27/08/2008|20:46] C:\Program Files\Nestopia RPlus!
[26/10/2005|23:36] C:\Program Files\NetMeeting
[26/10/2005|23:36] C:\Program Files\Online Services
[25/11/2008|09:50] C:\Program Files\orange
[03/11/2007|22:19] C:\Program Files\Outlook Express
[12/07/2006|21:37] C:\Program Files\PC-Doctor 5 for Windows
[11/12/2008|08:28] C:\Program Files\PhotoFiltre Studio
[31/10/2007|13:00] C:\Program Files\Pinnacle
[24/08/2008|21:13] C:\Program Files\PopCap Games
[19/02/2008|18:07] C:\Program Files\QuickTime
[12/07/2006|21:24] C:\Program Files\Real
[29/12/2007|20:57] C:\Program Files\ReflexiveArcade
[31/10/2007|11:38] C:\Program Files\RegCleaner
[31/10/2007|12:22] C:\Program Files\Satsuki Decoder Pack
[12/07/2006|21:41] C:\Program Files\Services en ligne
[11/12/2008|08:28] C:\Program Files\SmartSound Software
[08/12/2008|08:12] C:\Program Files\Sonic
[12/12/2008|09:57] C:\Program Files\Trend Micro
[10/12/2007|21:38] C:\Program Files\Ubi Soft
[24/08/2008|21:13] C:\Program Files\Ubisoft
[20/10/2005|20:06] C:\Program Files\Uninstall Information
[27/11/2007|18:05] C:\Program Files\uTorrent
[31/10/2007|12:47] C:\Program Files\VirtualDJ
[17/02/2008|16:33] C:\Program Files\Vivendi Universal Games
[05/12/2008|09:24] C:\Program Files\vso
[27/11/2007|17:36] C:\Program Files\Windows Live
[03/11/2007|22:19] C:\Program Files\Windows Media Player
[26/10/2005|23:36] C:\Program Files\Windows NT
[20/10/2005|20:05] C:\Program Files\WindowsUpdate
[31/10/2007|12:27] C:\Program Files\WinRAR
[26/10/2005|23:37] C:\Program Files\xerox
[31/10/2007|12:21] C:\Program Files\XviD
[11/12/2008|09:42] C:\Program Files\Yu-Gi-Oh Virtual Battle 5
[10/08/2008|21:10] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[11/12/2008|10:10] C:\Program Files\Fichiers communs\Adobe
[28/10/2008|15:17] C:\Program Files\Fichiers communs\Adobe(2)
[31/10/2007|11:53] C:\Program Files\Fichiers communs\Ahead
[24/12/2007|21:32] C:\Program Files\Fichiers communs\BOONTY Shared
[27/01/2008|14:17] C:\Program Files\Fichiers communs\DirectX
[12/07/2006|21:14] C:\Program Files\Fichiers communs\Hewlett-Packard
[12/07/2006|21:11] C:\Program Files\Fichiers communs\HP
[12/07/2006|21:37] C:\Program Files\Fichiers communs\InstallShield
[12/07/2006|20:56] C:\Program Files\Fichiers communs\Java
[12/07/2006|21:26] C:\Program Files\Fichiers communs\LightScribe
[11/12/2008|10:10] C:\Program Files\Fichiers communs\Macrovision Shared
[15/10/2008|15:30] C:\Program Files\Fichiers communs\MAGIX Shared
[06/11/2008|10:41] C:\Program Files\Fichiers communs\Microsoft Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\MSSoap
[12/07/2006|21:30] C:\Program Files\Fichiers communs\muvee Technologies
[26/10/2005|23:35] C:\Program Files\Fichiers communs\ODBC
[08/12/2008|08:27] C:\Program Files\Fichiers communs\Real
[26/10/2005|23:35] C:\Program Files\Fichiers communs\Services
[11/12/2008|08:29] C:\Program Files\Fichiers communs\Sonic Shared
[26/10/2005|23:35] C:\Program Files\Fichiers communs\SpeechEngines
[11/12/2008|08:29] C:\Program Files\Fichiers communs\SureThing Shared
[03/11/2007|11:03] C:\Program Files\Fichiers communs\Symantec Shared
[03/11/2007|22:19] C:\Program Files\Fichiers communs\System
[11/12/2008|08:29] C:\Program Files\Fichiers communs\TiVo Shared
[27/11/2007|17:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[11/12/2008|08:29] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 51 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-13 17:24:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 302
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Avast AntiVirus PRO Edition v4.8.1169 + Keygen + Skins.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Control Kids [controle parentale francais] v6.0. + Keygen.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Michael Schumacher World Tour Kart + crack.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\PhotoFiltre Studio 9 + Keygen[Team@QCP].rar.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Simpsons hit & run - jeu pc fr - 3cds iso + crack.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Zylom Games + crack a votre choix de choisir.torrent
[F:13][D:2]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:41][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:437][D:4]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - sam. 13/12/2008| 0:21 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - sam. 13/12/2008|17:24 - Option : [2]
--------------------\\ Fin du rapport a 17:24:47
Good, let's continue. Your PC will start doing better, but there is still some junk left.
Download OTMoveIt3 by OldTimer to your Desktop by clicking this link:
http://oldtimer.geekstogo.com/OTMoveIt3.exe
Double-click OTMoveIt3.exe to launch it.
Check that the box in front of "Unregister Dll's and Ocx's" is ticked.
Copy the list shown in bold below,
and paste it into the left-hand pane of OTMoveIt: "Paste instructions for item to be moved".
:Processes
explorer.exe
:Services
:Reg
:Files
c:\program files\Defenza\pcd-as.exe
C:\Crack
c:\program files\BoontyGames
c:\program files\Oberon Media
c:\program files\Fichiers communs\Oberon Media
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Avast AntiVirus PRO Edition v4.8.1169 + Keygen + Skins.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Control Kids [controle parentale francais] v6.0. + Keygen.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Michael Schumacher World Tour Kart + crack.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\PhotoFiltre Studio 9 + Keygen[Team@QCP].rar.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Simpsons hit & run - jeu pc fr - 3cds iso + crack.torrent
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Zylom Games + crack a votre choix de choisir.torrent
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Click "MoveIt!" to start the removal.
The result will appear in the "Results" pane.
Click "Exit" to close.
Post the report located in C:\_OTMoveIt\MovedFiles, named xxxxxx_xxxxxxxxxx.log.
You may be asked to restart the PC to complete the removal. If so, accept with Yes.
OK, it's done. I already had OTMoveIt installed.
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File/Folder c:\program files\Defenza\pcd-as.exe not found.
File/Folder C:\Crack not found.
File/Folder c:\program files\BoontyGames not found.
File/Folder c:\program files\Oberon Media not found.
File/Folder c:\program files\Fichiers communs\Oberon Media not found.
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Avast AntiVirus PRO Edition v4.8.1169 + Keygen + Skins.torrent moved successfully.
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Control Kids [controle parentale francais] v6.0. + Keygen.torrent moved successfully.
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Michael Schumacher World Tour Kart + crack.torrent moved successfully.
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\PhotoFiltre Studio 9 + Keygen[Team@QCP].rar.torrent moved successfully.
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Simpsons hit & run - jeu pc fr - 3cds iso + crack.torrent moved successfully.
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Zylom Games + crack a votre choix de choisir.torrent moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF14B5.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF14C9.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFFB3C.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFFB63.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\CLML_AGENT_LOG1.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_4fc.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_fKcY5Pey4HGPd7w scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12132008_194703
Files moved on Reboot...
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log moved successfully.
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log moved successfully.
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF14B5.tmp not found!
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF14C9.tmp not found!
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFFB3C.tmp not found!
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFFB63.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\CLML_AGENT_LOG1.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_4fc.dat not found!
File C:\WINDOWS\temp\sqlite_fKcY5Pey4HGPd7w not found!
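A way to read a result log like the one above against the script that produced it, as an added Python example that is not part of the thread or of OTMoveIt: it reports, for each path listed under `:Files`, whether the log says it was moved, not found, or deferred to reboot, and lists files still pending after the reboot pass. The line patterns are inferred from the log lines posted in this thread, the function names are hypothetical, and the embedded script and log are shortened excerpts of the ones above.

```python
import re

# Shortened excerpt of the script posted in the thread.
SCRIPT = r"""
:Processes
explorer.exe
:Services
:Reg
:Files
c:\program files\Defenza\pcd-as.exe
C:\Crack
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Michael Schumacher World Tour Kart + crack.torrent
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
"""

# Shortened excerpt of the result log posted in the thread.
LOG = r"""
========== FILES ==========
File/Folder c:\program files\Defenza\pcd-as.exe not found.
File/Folder C:\Crack not found.
C:\DOCUME~1\HP_PRO~1\Application Data\uTorrent\Michael Schumacher World Tour Kart + crack.torrent moved successfully.
========== COMMANDS ==========
File delete failed. C:\WINDOWS\temp\CLML_AGENT_LOG1.txt scheduled to be deleted on reboot.
Files moved on Reboot...
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_4fc.dat not found!
File move failed. C:\WINDOWS\temp\CLML_AGENT_LOG1.txt scheduled to be moved on reboot.
"""

# Line shapes as they appear in the log above (assumed stable for this tool version).
PATTERNS = [
    ("not_found", re.compile(r"^File/Folder (.+) not found\.$")),
    ("not_found", re.compile(r"^File (.+) not found!$")),
    ("pending", re.compile(
        r"^File (?:delete|move) failed\. (.+) "
        r"scheduled to be (?:deleted|moved) on reboot\.$")),
    ("moved", re.compile(r"^(.+) moved successfully\.$")),
]


def script_targets(script):
    """Return the paths listed under the :Files section of the script."""
    targets, section = [], None
    for line in script.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith(":"):
            section = line.lower()
        elif section == ":files":
            targets.append(line)
    return targets


def parse_log(log):
    """Map lower-cased path -> statuses in the order they were logged."""
    history = {}
    for line in log.splitlines():
        line = line.strip()
        for status, rx in PATTERNS:
            m = rx.match(line)
            if m:
                # Windows paths are case-insensitive, so key on lower case.
                history.setdefault(m.group(1).lower(), []).append(status)
                break
    return history


def reconcile(script, log):
    """Final logged status of every :Files target ('unlogged' if absent)."""
    history = parse_log(log)
    return {t: history.get(t.lower(), ["unlogged"])[-1]
            for t in script_targets(script)}


def still_pending(log):
    """Paths whose last logged status is still 'scheduled ... on reboot'."""
    return sorted(p for p, h in parse_log(log).items() if h[-1] == "pending")


if __name__ == "__main__":
    for target, status in reconcile(SCRIPT, LOG).items():
        print(f"{status:10} {target}")
    for path in still_pending(LOG):
        print(f"still pending after reboot: {path}")
```

A `not_found` result for a path that an earlier scan listed is worth re-checking with a fresh scan before treating the item as removed.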
File move failed. C:\WINDOWS\temp\CLML_AGENT_LOG1.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_4fc.dat not found!
File C:\WINDOWS\temp\sqlite_fKcY5Pey4HGPd7w not found!
Good, now it's Boonty's turn.
Download http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe ( by Cyrildu17 / C_XX ) to your desktop:
/!\ Disconnect and close all running applications
● Double-click the installer and install it in its default location. ( C:\Program files )
● Double-click the Ad-remover icon located on your desktop
● In the main menu, choose option "A"
● Post the report that appears at the end.
( the report is also saved as C:\Ad-report(date).log )
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...)