
How to get rid of spyware-secure ads

12 August 2007 10:50:30

Hello, for several days I have been bombarded with spyware-secure windows and others that open at any moment on my computer. Could you please help me solve this problem? I mainly use Firefox (but I also have IE) and I am on Win 2000 Pro. Thanks.


12 August 2007 11:54:47

Hello, here is the result of my scan:

Logfile of HijackThis v1.99.1
Scan saved at 11:51:56, on 12/08/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
g:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\hkcmd.exe
C:\WINNT\System32\DSentry.exe
G:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Soft4Ever\looknstop\looknstop.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
G:\Program Files\3M\PSNLite\PsnLite.exe
g:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\cyril\Bureau\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://free.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = wanadoo de_18
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINNT\System32\DSentry.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] g:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINNT\p_981116.exe /Q:A
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINNT\system32\logon.exe
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINNT\system32\spoolsvc.exe
O4 - HKLM\..\Run: [Winamp Agent] C:\WINNT\system32\winamp.exe
O4 - HKLM\..\Run: [NetAnalyse] C:\Program Files\NetAnalyse\NetAnalyse.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Look 'n' Stop] C:\Program Files\Soft4Ever\looknstop\looknstop.exe -auto
O4 - HKLM\..\RunOnce: [HcTSC] C:\WINNT\TSC.EXE
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [NBJ] "G:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = G:\Program Files\3M\PSNLite\PsnLite.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/d...
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/z...
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - g:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Microsoft Agent - Unknown owner - C:\WINNT\system32\dllcache\cychost.exe (file missing)
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINNT\system32\irdvxc.exe" /service (file missing)
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINNT\system32\urdvxc.exe" /service (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)




12 August 2007 12:05:18

Hello

Many infections.

$$ Download SDFix to your desktop
http://downloads.andymanchesta.com/RemovalTools/SDFix.e...

$$ Restart in safe mode. Note: you have no internet access in this mode, so write down what you have to do.
Start the computer.
Once the BIOS has finished loading, there is a black screen. Press the F8 key until the Windows advanced options menu is displayed.
Using the arrow keys, select Safe Mode and press Enter.

$$ Double-click SDFix.exe and choose Install
Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
Type Y to start the script.
The fix removes the virus's services and cleans the registry, so a restart is required.
Press a key to restart.

The PC will take some time to start; press a key when "Finished" is displayed.

Open the SDFix folder and copy/paste the contents of the "Report.txt" file here.

$$ Download Combofix.exe (by sUBs) to your desktop
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double-click combofix.exe and follow the prompts.
When the scan is complete, a report will appear.

Copy/paste this report in your next reply along with a new HijackThis log.
12 August 2007 12:31:17

Here is the SDFix report:


SDFix: Version 1.97

Run by cyril on dim. 12/08/2007 at 12:18

Microsoft Windows 2000 [Version 5.00.2195]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Name:
Microsoft Agent
MSDisk
MSWindows

ImagePath:
"C:\WINNT\system32\dllcache\cychost.exe"
"C:\WINNT\system32\irdvxc.exe" /service
"C:\WINNT\system32\urdvxc.exe" /service

Microsoft Agent - Deleted
MSDisk - Deleted
MSWindows - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINNT\SYSTEM32\FPRTVGKP.EXE - Deleted
C:\WINNT\SYSTEM32\ANEW.EXE - Deleted
C:\DOCUME~1\cyril\LOCALS~1\Temp\autorun.inf - Deleted



Removing Temp Files...

ADS Check:

C:\WINNT
No streams found.

C:\WINNT\system32
No streams found.

C:\WINNT\system32\svchost.exe
No streams found.

C:\WINNT\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

C:\WINNT\SYSTEM32\eizno.exe
C:\WINNT\SYSTEM32\eprfpjqr.exe
C:\WINNT\SYSTEM32\ffvyf.exe
C:\WINNT\SYSTEM32\uorjx.exe
C:\WINNT\SYSTEM32\CONFIG\system.tmp.LOG
C:\WINNT\SYSTEM32\CONFIG\software.tmp.LOG
C:\WINNT\SYSTEM32\CONFIG\default.tmp.LOG

Finished

I will now do the rest of what you advised. Thanks.
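
Added example (not from the thread or from any of the tools used in it): a Python script that cross-checks the `O23` service entries of the HijackThis log above against that log's own running-process list and against the services the SDFix report lists as deleted. The sample lines are copied from the two logs in this thread; the function names and verdict labels are assumptions made for this illustration.

```python
import re

# Lines copied from the HijackThis log posted in this thread (subset).
HIJACKTHIS_LOG = r'''
Running processes:
C:\WINNT\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: Microsoft Agent - Unknown owner - C:\WINNT\system32\dllcache\cychost.exe (file missing)
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINNT\system32\irdvxc.exe" /service (file missing)
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINNT\system32\urdvxc.exe" /service (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
'''

# Lines copied from the SDFix report posted in this thread (subset).
SDFIX_REPORT = r'''
Microsoft Agent - Deleted
MSDisk - Deleted
MSWindows - Deleted
C:\WINNT\SYSTEM32\FPRTVGKP.EXE - Deleted
'''

O23_RE = re.compile(r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<cmd>.+)$")
KEY_RE = re.compile(r"\(([^()]+)\)\s*$")            # trailing "(ServiceName)"
IMAGE_RE = re.compile(r'^"?(.+?\.exe)', re.IGNORECASE)
MISSING = "(file missing)"


def parse_o23(line):
    """Split one O23 line into display name, service key, owner and image path."""
    m = O23_RE.match(line.strip())
    if not m:
        return None
    name, cmd = m["name"], m["cmd"]
    missing = cmd.endswith(MISSING)
    if missing:
        cmd = cmd[: -len(MISSING)].rstrip()
    key = KEY_RE.search(name)
    image = IMAGE_RE.match(cmd)
    return {
        "display": name,
        # HijackThis appends the service key in parentheses when it differs
        # from the display name; otherwise the display name is the key.
        "key": key.group(1) if key else name,
        "owner": m["owner"],
        "image": (image.group(1) if image else cmd).lower(),
        "file_missing": missing,
    }


def running_processes(log):
    """Return the lower-cased paths listed under 'Running processes:'."""
    procs, active = set(), False
    for line in log.splitlines():
        line = line.strip()
        if line == "Running processes:":
            active = True
        elif active and not line:
            break
        elif active:
            procs.add(line.lower())
    return procs


def sdfix_deleted_services(report):
    """Return names reported as 'Deleted' that are services, not file paths."""
    suffix = " - Deleted"
    return {
        line.strip()[: -len(suffix)]
        for line in report.splitlines()
        if line.strip().endswith(suffix) and "\\" not in line
    }


def triage(log, report):
    """Map each service key to a verdict label (labels are this example's own)."""
    running = running_processes(log)
    deleted = sdfix_deleted_services(report)
    verdicts = {}
    for line in log.splitlines():
        svc = parse_o23(line)
        if svc is None:
            continue
        marked = svc["owner"] == "Unknown owner" and svc["file_missing"]
        if svc["key"] in deleted:
            verdict = "removed-by-sdfix"
        elif marked and svc["image"] in running:
            # The image is running, so the "(file missing)" marker is unreliable here.
            verdict = "marker-contradicted"
        elif marked:
            verdict = "review"
        else:
            verdict = "no-marker"
        verdicts[svc["key"]] = verdict
    return verdicts


if __name__ == "__main__":
    for key, verdict in triage(HIJACKTHIS_LOG, SDFIX_REPORT).items():
        print(f"{verdict:20} {key}")
```

The avast! Mail Scanner entry shows why `Unknown owner` plus `(file missing)` is not conclusive on its own: the same executable appears in the log's running-process list.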
12 August 2007 12:42:15

Here is the ComboFix report:

ComboFix 07-08-09.3 - "cyril" 12/08/2007 12:32:12.1 - FAT32x86
Microsoft Windows 2000 Professionnel 5.0.2195.4.1252.1.1036.18.37 [GMT 2:00]


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\FunWebProducts
C:\Program Files\FunWebProducts\ScreenSaver\Images\01E02CAE.urr
C:\WINNT\DOWNLO~1.\DinerDash.1.0.0.80
C:\WINNT\DOWNLO~1.\DinerDash.1.0.0.80\dinerdash.exe
C:\WINNT\system32\drivers\npf.sys
C:\WINNT\system32\hxlxgj.dat
C:\WINNT\system32\hxlxgj.exe
C:\WINNT\system32\hxlxgj_nav.dat
C:\WINNT\system32\hxlxgj_navps.dat
C:\WINNT\system32\nvs2.inf
C:\WINNT\system32\packet.dll
C:\WINNT\system32\pthreadVC.dll
C:\WINNT\system32\wanpacket.dll
C:\WINNT\system32\wpcap.dll


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_NPF
-------\NPF


((((((((((((((((((((((((( Files Created from 2007-07-12 to 2007-08-12 )))))))))))))))))))))))))))))))


2007-08-12 12:36 16,384 --a----t- C:\WINNT\SYSTEM32\Perflib_Perfdata_5d0.dat
2007-08-12 12:35 16,384 --a----t- C:\WINNT\SYSTEM32\Perflib_Perfdata_220.dat
2007-08-12 12:31 51,200 --a------ C:\WINNT\nircmd.exe
2007-08-12 12:17 <DIR> d-------- C:\WINNT\ERUNT
2007-08-12 09:54 <DIR> d-------- C:\WINNT\report
2007-08-12 09:51 86,094 --a------ C:\WINNT\BPMNT.dll
2007-08-12 09:51 71,749 --a------ C:\WINNT\hcextoutput.dll
2007-08-12 09:51 267,845 --a------ C:\WINNT\tsc.exe
2007-08-12 09:51 1,163,344 --a------ C:\WINNT\vsapi32.dll
2007-08-12 09:51 <DIR> d-------- C:\WINNT\AU_Backup
2007-08-12 09:50 69,689 --a------ C:\WINNT\UNZIP.DLL
2007-08-12 09:50 507,904 --a------ C:\WINNT\TMUPDATE.DLL
2007-08-12 09:50 286,720 --a------ C:\WINNT\PATCH.EXE
2007-08-12 09:50 <DIR> d-------- C:\WINNT\AU_Temp
2007-08-12 09:50 <DIR> d-------- C:\WINNT\AU_Log
2007-08-11 22:52 36,864 --a------ C:\WINNT\SYSTEM32\fwapi.dll
2007-08-11 22:52 23,806 --a------ C:\WINNT\SYSTEM32\DRIVERS\lnsfw.sys
2007-08-11 22:52 <DIR> d-------- C:\Program Files\Soft4Ever
2007-08-11 22:41 <DIR> d-------- C:\DOCUME~1\cyril\APPLIC~1\Jetico Personal Firewall
2007-08-11 22:17 <DIR> d-------- C:\DOCUME~1\cyril\APPLIC~1\Comodo
2007-08-11 22:17 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Comodo
2007-08-11 22:16 <DIR> d-------- C:\Program Files\Comodo
2007-08-11 21:37 <DIR> d-------- C:\Program Files\Lavasoft
2007-08-11 21:31 <DIR> d-------- C:\Program Files\AxBx
2007-08-11 19:13 95,608 --a------ C:\WINNT\SYSTEM32\AVASTSS.scr
2007-08-11 19:13 94,416 --a------ C:\WINNT\SYSTEM32\DRIVERS\aswmon2.sys
2007-08-11 19:13 92,848 --a------ C:\WINNT\SYSTEM32\DRIVERS\aswmon.sys
2007-08-11 19:13 783,224 --a------ C:\WINNT\SYSTEM32\aswBoot.exe
2007-08-11 19:13 42,912 --a------ C:\WINNT\SYSTEM32\DRIVERS\aswTdi.sys
2007-08-11 19:13 26,624 --a------ C:\WINNT\SYSTEM32\DRIVERS\aavmker4.sys
2007-08-11 19:13 23,152 --a------ C:\WINNT\SYSTEM32\DRIVERS\aswRdr.sys
2007-08-11 19:13 <DIR> d-------- C:\Program Files\Alwil Software
2007-08-10 12:29 86,016 --a------ C:\WINNT\unvise32qt.exe
2007-08-10 11:45 <DIR> d-------- C:\DOCUME~1\cyril\APPLIC~1\PlayFirst
2007-08-10 11:45 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
2007-08-09 11:31 <DIR> d-------- C:\DOCUME~1\cyril\APPLIC~1\MessengerSkinner
2007-08-08 16:39 <DIR> d-------- C:\Program Files\MIKSOFT
2007-08-08 11:30 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-08-08 11:29 1,060,864 --a------ C:\WINNT\SYSTEM32\MFC71.dll
2007-08-08 11:02 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
2007-08-05 20:54 <DIR> d-------- C:\WINNT\SYSTEM32\Les Simpson - Le film dir
2007-08-05 13:15 <DIR> d-------- C:\Program Files\ZNsoft Corporation
2007-07-31 16:01 <DIR> d-------- C:\Program Files\WinPcap
2007-07-30 21:38 <DIR> d-------- C:\WINNT\Sponsors
2007-07-30 21:38 <DIR> d-------- C:\Program Files\ODS
2007-07-28 19:20 <DIR> d-------- C:\DOCUME~1\cyril\APPLIC~1\vlc
2007-07-28 14:25 <DIR> d-------- C:\DOCUME~1\cyril\WhiteCap
2007-07-28 14:24 <DIR> d-------- C:\Program Files\Fichiers communs\Real
2007-07-27 10:10 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberongames
2007-07-24 09:35 <DIR> d--h----- C:\WINNT\$SQLUninstallMDAC27SP1-KB927779-x86-FRA$
2007-07-23 09:43 84,512 -ra------ C:\WINNT\SYSTEM32\DRIVERS\ss_mdm.sys
2007-07-23 09:43 6,080 -ra------ C:\WINNT\SYSTEM32\DRIVERS\ss_cmnt.sys
2007-07-23 09:43 6,080 -ra------ C:\WINNT\SYSTEM32\DRIVERS\ss_cm.sys
2007-07-23 09:43 6,064 -ra------ C:\WINNT\SYSTEM32\DRIVERS\ss_mdfl.sys
2007-07-23 09:43 52,384 -ra------ C:\WINNT\SYSTEM32\DRIVERS\ss_bus.sys
2007-07-23 09:43 5,744 -ra------ C:\WINNT\SYSTEM32\DRIVERS\ss_whnt.sys
2007-07-23 09:43 5,744 -ra------ C:\WINNT\SYSTEM32\DRIVERS\ss_wh.sys
2007-07-23 09:42 <DIR> d-------- C:\Program Files\SAMSUNG
2007-07-23 09:38 98,304 --a------ C:\WINNT\SYSTEM32\ODBCCP32.dll
2007-07-23 09:38 90,112 --a------ C:\WINNT\SYSTEM32\odbcint.dll
2007-07-23 09:38 90,112 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msjro.dll
2007-07-23 09:38 73,728 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msdaosp.dll
2007-07-23 09:38 65,536 --a------ C:\WINNT\SYSTEM32\DLLCACHE\oledb32r.dll
2007-07-23 09:38 61,440 --a------ C:\WINNT\SYSTEM32\ODBCCU32.dll
2007-07-23 09:38 61,440 --a------ C:\WINNT\SYSTEM32\ODBCCR32.dll
2007-07-23 09:38 61,440 --a------ C:\WINNT\SYSTEM32\DLLCACHE\ODBCCU32.dll
2007-07-23 09:38 61,440 --a------ C:\WINNT\SYSTEM32\DLLCACHE\ODBCCR32.dll
2007-07-23 09:38 61,440 --a------ C:\WINNT\SYSTEM32\DBnetlib.dll
2007-07-23 09:38 57,344 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msadcf.dll
2007-07-23 09:38 53,248 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msadrh15.dll
2007-07-23 09:38 53,248 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msadcs.dll
2007-07-23 09:38 491,520 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msado15.dll
2007-07-23 09:38 49,152 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msador15.dll
2007-07-23 09:38 45,632 --a------ C:\WINNT\SYSTEM32\cliconfg.exe
2007-07-23 09:38 413,696 --a------ C:\WINNT\SYSTEM32\DLLCACHE\oledb32.dll
2007-07-23 09:38 4,656 --a------ C:\WINNT\SYSTEM32\ds16gt.dll
2007-07-23 09:38 4,656 --a------ C:\WINNT\SYSTEM32\DLLCACHE\ds16gt.dll
2007-07-23 09:38 4,096 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msdaurl.dll
2007-07-23 09:38 4,096 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msdasc.dll
2007-07-23 09:38 4,096 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msdaer.dll
2007-07-23 09:38 4,096 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msdaenum.dll
2007-07-23 09:38 4,096 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msdadc.dll
2007-07-23 09:38 385,024 --a------ C:\WINNT\SYSTEM32\sqlsrv32.dll
2007-07-23 09:38 36,864 --a------ C:\WINNT\SYSTEM32\mscpxl32.dll
2007-07-23 09:38 36,864 --a------ C:\WINNT\SYSTEM32\DLLCACHE\mscpxl32.dll
2007-07-23 09:38 32,768 --a------ C:\WINNT\SYSTEM32\odbcad32.exe
2007-07-23 09:38 32,768 --a------ C:\WINNT\SYSTEM32\DLLCACHE\odbcad32.exe
2007-07-23 09:38 32,768 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msdfmap.dll
2007-07-23 09:38 307,200 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msadce.dll
2007-07-23 09:38 303,104 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msdasql.dll
2007-07-23 09:38 28,672 --a------ C:\WINNT\SYSTEM32\dbnmpntw.dll
2007-07-23 09:38 26,224 --a------ C:\WINNT\SYSTEM32\odbc16gt.dll
2007-07-23 09:38 26,224 --a------ C:\WINNT\SYSTEM32\DLLCACHE\odbc16gt.dll
2007-07-23 09:38 24,576 --a------ C:\WINNT\SYSTEM32\odbcbcp.dll
2007-07-23 09:38 24,576 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msxactps.dll
2007-07-23 09:38 24,576 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msader15.dll
2007-07-23 09:38 24,576 --a------ C:\WINNT\SYSTEM32\DLLCACHE\msaddsr.dll
2007-07-23 09:38 24,576 --a------ C:\WINNT\SYSTEM32\dbmsvinn.dll
2007-07-23 09:38 24,576 --a------ C:\WINNT\SYSTEM32\dbmsrpcn.dll
2007-07-23 09:38 24,576 --a------ C:\WINNT\SYSTEM32\dbmsgnet.dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

07-08-01 20:35 4528 --a------ C:\WINNT\mozver.dat
07-07-20 09:09 95526 --a------ C:\WINNT\system32\perfc00C.dat
07-07-20 09:09 517868 --a------ C:\WINNT\system32\perfh00C.dat
07-07-18 17:36 --------- d--h----- C:\DOCUME~1\cyril\APPLIC~1\.piratepornload
07-07-11 22:07 --------- d-------- C:\DOCUME~1\cyril\APPLIC~1\DWGeditor
07-07-11 22:06 --------- d-------- C:\DOCUME~1\cyril\APPLIC~1\SolidWorks
07-07-11 22:05 --------- d-------- C:\Program Files\Fichiers communs\eDrawings2006
07-07-11 21:58 --------- d-------- C:\Program Files\Fichiers communs\SolidWorks Shared
07-07-11 21:10 --------- d-------- C:\DOCUME~1\cyril\APPLIC~1\Google
07-07-11 20:44 50688 --a------ C:\WINNT\system32\wbhelp2.dll
07-07-11 20:44 --------- d-------- C:\Program Files\Google
07-07-11 20:00 5894 --a------ C:\a1c.bat
07-07-11 19:39 --------- d-------- C:\Program Files\MSN Messenger
07-07-11 19:39 --------- d-------- C:\Program Files\Messenger
07-07-11 19:35 27912 --ah----- C:\WINNT\system32\eizno.exe
07-07-11 19:25 --------- d-------- C:\Program Files\Apple Software Update
07-07-11 18:06 3508 --ah----- C:\WINNT\system32\uorjx.exe
07-07-11 18:06 10752 --ah----- C:\WINNT\system32\ffvyf.exe
07-07-11 17:34 107134 --a------ C:\WINNT\UninstallFirefox.exe
07-07-11 17:34 0 --a------ C:\WINNT\nsreg.dat
07-07-11 17:34 --------- d-------- C:\DOCUME~1\cyril\APPLIC~1\Talkback
07-07-11 17:11 120 --a------ C:\WINNT\system32\zcrr.bat
07-07-11 16:42 5840 --ah----- C:\WINNT\system32\eprfpjqr.exe
07-07-11 13:50 --------- d-------- C:\Program Files\Free
07-07-09 16:55 --------- d-------- C:\Program Files\Sierra On-Line
07-07-03 18:35 --------- d-------- C:\DOCUME~1\cyril\APPLIC~1\Media Player Classic
07-07-03 18:34 --------- d-------- C:\DOCUME~1\cyril\APPLIC~1\Real
07-07-03 18:31 33 --a------ C:\WINNT\brassi.dat
07-07-03 18:31 121856 --a------ C:\WINNT\system32\hypnodisk.scr
07-07-02 14:11 16220 --a------ C:\WINNT\hpiins01.dat
07-07-02 14:08 43488 --a------ C:\WINNT\system32\drivers\AFS2K.SYS
07-07-02 14:05 --------- d-------- C:\Program Files\Fichiers communs\HP
07-07-02 14:00 --------- d-------- C:\Program Files\HP
07-06-29 16:31 --------- d-------- C:\DOCUME~1\cyril\APPLIC~1\ArcSoft
07-06-29 16:24 --------- d-------- C:\Program Files\Fichiers communs\ArcSoft
07-06-20 18:00 4 --a------ C:\WINNT\todo.sys
07-06-18 11:12 --------- d-------- C:\Program Files\McAfee.com
07-06-18 10:58 --------- d-------- C:\Program Files\Fichiers communs\Totem Shared
07-06-09 06:14 564224 --a------ C:\WINNT\system32\x264vfw.dll
07-06-03 14:31 10752 --a------ C:\WINNT\system32\ff_vfw.dll
07-05-31 08:44 740442 --a------ C:\WINNT\system32\divx.dll
07-05-20 10:53 12 --a------ C:\ur.dat
07-05-20 10:39 24 -rah----- C:\WINNT\wcpx_.dat
07-05-18 17:58 74752 --a------ C:\WINNT\ST6UNST.EXE
03-12-23 12:42 271 ---h----- C:\Program Files\DESKTOP.INI
03-12-23 12:42 22115 ---h----- C:\Program Files\FOLDER.HTT
02-08-21 20:43 32528 --a------ C:\WINNT\inf\wbfirdma.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [03-06-19 12:05 C:\WINNT\SYSTEM32\mobsync.exe]
"IgfxTray"="C:\WINNT\System32\igfxtray.exe" [03-04-07 00:19 ]
"HotKeysCmds"="C:\WINNT\System32\hkcmd.exe" [03-04-07 00:07 ]
"DVDSentry"="C:\WINNT\System32\DSentry.exe" [02-08-14 18:22 ]
"NeroFilterCheck"="C:\WINNT\system32\NeroCheck.exe" [01-07-09 11:50 ]
"InCD"="g:\Program Files\Ahead\InCD\InCD.exe" [05-07-25 12:01 ]
"DXM6Patch_981116"="C:\WINNT\p_981116.exe" [98-11-30 18:04 ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [07-03-14 03:43 ]
"NetAnalyse"="C:\Program Files\NetAnalyse\NetAnalyse.exe" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [07-07-28 00:03 ]
"Look 'n' Stop"="C:\Program Files\Soft4Ever\looknstop\looknstop.exe" [07-08-11 22:52 ]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"internat.exe"="internat.exe" [02-08-21 20:44 C:\WINNT\SYSTEM32\internat.exe]
"NBJ"="G:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [05-08-31 11:47 ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07-07-12 21:38 ]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"internat.exe"=internat.exe

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Post-it® Software Notes Lite.lnk - G:\Program Files\3M\PSNLite\PsnLite.exe [2004-10-15 14:26:54]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"

R0 fasttrak;fasttrak;C:\WINNT\system32\DRIVERS\fasttrak.sys
R0 Fd16_700;Fd16_700;C:\WINNT\system32\DRIVERS\fd16_700.sys
R0 mraid2k;mraid2k;C:\WINNT\system32\DRIVERS\mraid2k.sys
R1 ATMhelpr;ATMhelpr;C:\WINNT\system32\drivers\ATMhelpr.sys
R2 ASFAgent;ASF Agent;C:\Program Files\Intel\ASF Agent\ASFAgent.exe
R2 AsfAlrt;AsfAlrt;\??\C:\WINNT\System32\drivers\AsfAlrt.sys
R2 aswMon;avast! Standard Shield Support;C:\WINNT\system32\drivers\aswMon.sys
R2 IISADMIN;Service d'administration IIS;C:\WINNT\System32\inetsrv\inetinfo.exe
R2 MSFTPSVC;Service de publication FTP;C:\WINNT\System32\inetsrv\inetinfo.exe
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINNT\System32\inetsrv\inetinfo.exe
R3 Afc;PPdus ASPI Shell;C:\WINNT\system32\drivers\Afc.sys
R3 usbhub20;USB 2.0 Root Hub Support;C:\WINNT\system32\DRIVERS\usbhub20.sys
S1 sglfb;sglfb;C:\WINNT\system32\drivers\sglfb.sys
S2 InCDsrvR;InCD Helper (read only);C:\Program Files\Ahead\InCD\InCDsrv.exe -r
S3 C-Dilla;C-Dilla;\??\C:\WINNT\system32\drivers\CDANT.SYS
S3 EL90BC;Pilote de carte 3Com EtherLink XL B/C;C:\WINNT\system32\DRIVERS\el90xbc5.sys
S3 InCDFat;Ahead InCDFat File System Driver;\??\C:\WINNT\system32\Drivers\InCDFat.sys
S3 MPE;BDA MPE Filter;C:\WINNT\system32\DRIVERS\MPE.sys
S3 nm;Pilote de moniteur réseau;C:\WINNT\system32\DRIVERS\NMnt.sys
S3 nocashio;nocashio;C:\WINNT\system32\drivers\nocashio.sys
S3 ovt530;Webcam Classic;C:\WINNT\system32\Drivers\ov530vid.sys
S3 SIS163u;WL_54USB Wireless LAN Adapter Driver;C:\WINNT\system32\DRIVERS\sis163u.sys
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);C:\WINNT\system32\DRIVERS\ss_bus.sys
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINNT\system32\DRIVERS\ss_mdfl.sys
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINNT\system32\DRIVERS\ss_mdm.sys
S3 StillCam;Pilote d'appareil photo numérique série;C:\WINNT\system32\DRIVERS\serscan.sys
S3 U2SP;USB to Serial Converter Driver(Philips);C:\WINNT\system32\DRIVERS\u2s2kxp.sys

*Newly Created Service* - IPNAT
*Newly Created Service* - RASAUTO
*Newly Created Service* - SHAREDACCESS

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-12 12:36:17
Windows 5.0.2195 Service Pack 4 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-12 12:37:56 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 07-08-12 12:37

--- E O F ---



and the HijackThis one:

Logfile of HijackThis v1.99.1
Scan saved at 12:40:59, on 12/08/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
g:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINNT\System32\hkcmd.exe
C:\WINNT\System32\DSentry.exe
G:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Soft4Ever\looknstop\looknstop.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
G:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
g:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\WINNT\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\cyril\Bureau\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://free.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = wanadoo de_18
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINNT\System32\DSentry.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] g:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINNT\p_981116.exe /Q:A
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NetAnalyse] C:\Program Files\NetAnalyse\NetAnalyse.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Look 'n' Stop] C:\Program Files\Soft4Ever\looknstop\looknstop.exe -auto
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [NBJ] "G:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = G:\Program Files\3M\PSNLite\PsnLite.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/d...
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/z...
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - g:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

Thank you for your help.

12 August 2007 21:41:35

Re


Run a new HijackThis scan and check the lines below:

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZNfox000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://msnfr.oberon-media.com/onli [...] 0.0.80.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/onli [...] loader.cab

Close all Windows, Internet Explorer and Outlook windows, everything except HijackThis, and click "Fix checked".


Download OTMoveIt (by Old_Timer) to your Desktop.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt....
Double-click OTMoveIt.exe to launch it.
Copy the list below and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.

C:\ur.dat
C:\WINNT\unvise32qt.exe
C:\DOCUME~1\cyril\APPLIC~1\MessengerSkinner
C:\a1c.bat
C:\WINNT\system32\eizno.exe
C:\WINNT\system32\uorjx.exe
C:\WINNT\system32\ffvyf.exe
C:\WINNT\system32\zcrr.bat
C:\WINNT\system32\eprfpjqr.exe


Click MoveIt! to start the removal.
The result will appear in the Results pane.
Click Exit to close.

You may be asked to restart the PC to complete the removal. If so, accept with Yes.

Post the report located in C:\_OTMoveIt\MovedFiles.
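
A triage sketch for the Find3M section of the ComboFix log above, added here as an example and not part of the original thread: it parses the `date time size attributes path` lines and flags hidden executables in system32 and batch scripts in system32 or a drive root. Both rules and the extension sets are assumptions chosen for illustration, not the helper's stated method; the sample lines are copied from the log in this thread.

```python
import ntpath
import re
from typing import List, NamedTuple, Optional, Tuple

# Sample input: lines copied from the Find3M section of the log in this thread.
FIND3M_SAMPLE = r"""
07-08-01 20:35 4528 --a------ C:\WINNT\mozver.dat
07-07-18 17:36 --------- d--h----- C:\DOCUME~1\cyril\APPLIC~1\.piratepornload
07-07-11 20:44 50688 --a------ C:\WINNT\system32\wbhelp2.dll
07-07-11 20:00 5894 --a------ C:\a1c.bat
07-07-11 19:35 27912 --ah----- C:\WINNT\system32\eizno.exe
07-07-11 18:06 3508 --ah----- C:\WINNT\system32\uorjx.exe
07-07-11 18:06 10752 --ah----- C:\WINNT\system32\ffvyf.exe
07-07-11 17:11 120 --a------ C:\WINNT\system32\zcrr.bat
07-07-11 16:42 5840 --ah----- C:\WINNT\system32\eprfpjqr.exe
07-07-03 18:31 121856 --a------ C:\WINNT\system32\hypnodisk.scr
07-05-20 10:39 24 -rah----- C:\WINNT\wcpx_.dat
03-12-23 12:42 271 ---h----- C:\Program Files\DESKTOP.INI
"""

# One Find3M line: date, time, size (dashes for a directory), 9 attribute flags, path.
LINE_RE = re.compile(
    r"^(?P<date>\d\d-\d\d-\d\d) \d\d:\d\d (?P<size>\d+|-+) "
    r"(?P<attrs>[a-z-]{9}) (?P<path>.+)$"
)

# Assumed extension sets for this example.
EXEC_EXT = {".exe", ".dll", ".scr", ".com", ".sys"}
SCRIPT_EXT = {".bat", ".cmd", ".vbs"}


class Entry(NamedTuple):
    date: str
    size: Optional[int]  # None for directories
    attrs: str           # e.g. "--ah-----": a = archive, h = hidden, r = read-only
    path: str


def parse(report: str) -> List[Entry]:
    """Parse Find3M lines; anything that does not match the layout is skipped."""
    entries = []
    for line in report.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            size = int(m["size"]) if m["size"].isdigit() else None
            entries.append(Entry(m["date"], size, m["attrs"], m["path"]))
    return entries


def triage(entries: List[Entry]) -> List[Tuple[str, str]]:
    """Return (path, reason) pairs for files worth a closer look."""
    findings = []
    for e in entries:
        if e.attrs[0] == "d":  # directories are out of scope here
            continue
        parent = ntpath.dirname(e.path).lower()
        ext = ntpath.splitext(e.path)[1].lower()
        in_system32 = parent.endswith("\\system32")
        in_root = re.fullmatch(r"[a-z]:\\", parent) is not None
        if "h" in e.attrs and ext in EXEC_EXT and in_system32:
            findings.append((e.path, "hidden executable in system32"))
        elif ext in SCRIPT_EXT and (in_system32 or in_root):
            findings.append((e.path, "script in system32 or drive root"))
    return findings


if __name__ == "__main__":
    for path, reason in triage(parse(FIND3M_SAMPLE)):
        print(f"{reason}: {path}")
```

On this sample the two rules flag six files, all of which appear in the move list posted above; a flag is a prompt to inspect the file, not a verdict on it.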