Jlpjlp, help ! - Page 2

  1. jlpjlp Posts 52399 Status Security contributor 5 041
     
    To merge:

    http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

    _______________

    Download ComboFix:

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Save it to your desktop and nowhere else!

    _________________

    Close all your browsers (so copy or print the instructions first)

    Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:

    File::
    C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\abrp.exe
    C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winonnym.exe
    C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\cjobut.exe
    F:\scaa.cmd
    Registry::
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\cexj.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winpusr.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\wincvuhb.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winatss.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winbfjcl.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winarsrm.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winbscto.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winxykra.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winpewou.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winfbbbgt.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winjuouh.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winakfvis.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\gvema.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\aigoyn.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winhdah.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winftxdbj.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\wintxjjgq.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\aqmtj.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winbhqcrt.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\wineoakq.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winjdwds.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\reyfx.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\uggwgm.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\otohvn.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winfgubk.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\olsb.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\windoqva.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\kgfkk.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winopek.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\davlyu.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\qejjci.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winsyfl.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winxmewkp.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winwocsm.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\vtio.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\ofyplg.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\bvpvec.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winxtlb.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winwmprns.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winrbmwxe.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winlpwu.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\dmqu.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winnopey.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winvrpus.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winjhdu.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winavwigt.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winhjtfqv.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\ysnrmm.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winmreib.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\kbho.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\wincsucx.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\tsgm.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winasqr.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\vtias.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\fblaf.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\pjmb.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winbgyvt.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winfton.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\wingvhvev.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winpoqw.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winitjudh.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winlbbci.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\lmfn.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\qlykju.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\prucus.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\emjojb.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winqkdg.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winjwvuh.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winstjkh.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winpwngll.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winmuifqw.exe"=-
    "C:\DOCUME~1\DELPHI~1\LOCALS~1\Temp\winxlvvq.exe"=-
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8253550-020d-11da-85d2-0012f03b6357}]

    Save this file under the name CFscript

    Drag and drop this CFscript file onto the ComboFix.exe file

    Click on the CFScript file, hold the mouse button down and drag so that the CFScript icon covers the ComboFix icon. Release the mouse button. ComboFix will start.

    A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 and press Enter.

    Wait while the scan runs. The desktop will disappear several times: this is normal!

    Don't touch anything until the scan has finished.

    Once the scan is complete, a report will be displayed: post its contents.

    If the file does not open, it is located here > C:\ComboFix.txt

    ____________________________________

    Paste an online scan from one of the following

    BitDefender online:
    http://www.bitdefender.fr/scan_fr/scan8/ie.html

    Online scan for Firefox

    https://www.trendmicro.com/fr_fr/business.html­_launch.php

    Panda online:
    http://pandasoftware.fr
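
A way to review a CFScript like the one in the post above before running it (an added example, not part of the original post and not ComboFix's own code): it lists the files, registry keys and registry values the script would delete and flags lines that are not well-formed, such as a value line ending in `=--`. The sample script, its paths and GUID, and the names `review_cfscript` and `Plan` are constructed for illustration; only the `File::` and `Registry::` sections with deletion syntax, as used in the post, are handled.

```python
import re
from dataclasses import dataclass, field

# Constructed sample in the same shape as the script in the post above;
# the paths, key names and GUID are made up for illustration.
SAMPLE_CFSCRIPT = r'''File::
C:\DOCUME~1\USER~1\LOCALS~1\Temp\example1.exe
F:\example.cmd
Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Example\Browser Helper Objects\{00000000-0000-0000-0000-000000000000}]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\DOCUME~1\USER~1\LOCALS~1\Temp\example2.exe"=-
"C:\DOCUME~1\USER~1\LOCALS~1\Temp\example3.exe"=--
'''

SECTION_RE = re.compile(r'^(\w+)::$')                # e.g. "File::"
KEY_RE = re.compile(r'^\[(-?)(HKEY_[^\]]+)\]$')      # "[-KEY]" deletes the key
VALUE_DELETE_RE = re.compile(r'^"([^"]+)"=-$')       # '"name"=-' deletes a value
DRIVE_PATH_RE = re.compile(r'^[A-Za-z]:\\')
HANDLED_SECTIONS = ("File", "Registry")              # assumption: only these two


@dataclass
class Plan:
    files: list = field(default_factory=list)           # files to delete
    deleted_keys: list = field(default_factory=list)    # whole keys to delete
    deleted_values: list = field(default_factory=list)  # (key, value name)
    problems: list = field(default_factory=list)        # (line no, text, reason)


def review_cfscript(text):
    """Return a Plan describing what the script would remove, without touching the system."""
    plan = Plan()
    section = None       # name of the current "Xxx::" section
    current_key = None   # registry key that following value lines apply to

    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue

        m = SECTION_RE.match(line)
        if m:
            section, current_key = m.group(1), None
            if section not in HANDLED_SECTIONS:
                plan.problems.append((lineno, line, "section not handled by this reviewer"))
            continue

        if section == "File":
            if DRIVE_PATH_RE.match(line):
                plan.files.append(line)
            else:
                plan.problems.append((lineno, line, "not an absolute drive path"))
        elif section == "Registry":
            m = KEY_RE.match(line)
            if m:
                if m.group(1):               # leading "-": delete the whole key
                    plan.deleted_keys.append(m.group(2))
                    current_key = None
                else:                        # plain header: values follow
                    current_key = m.group(2)
                continue
            m = VALUE_DELETE_RE.match(line)
            if m and current_key:
                plan.deleted_values.append((current_key, m.group(1)))
            elif m:
                plan.problems.append((lineno, line, "value line without an open key"))
            else:
                plan.problems.append((lineno, line, 'not a key header or a "name"=- deletion'))
        elif section is None:
            plan.problems.append((lineno, line, "line before any section header"))
        else:
            plan.problems.append((lineno, line, "inside a section this reviewer does not handle"))
    return plan


if __name__ == "__main__":
    plan = review_cfscript(SAMPLE_CFSCRIPT)
    print("Files to delete:", *plan.files, sep="\n  ")
    print("Keys to delete:", *plan.deleted_keys, sep="\n  ")
    print("Values to delete:")
    for key, name in plan.deleted_values:
        print(f"  {name}\n    under {key}")
    print("Lines to check by hand:")
    for lineno, text, reason in plan.problems:
        print(f"  line {lineno}: {reason}: {text}")
```
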
    1. mayadina
       
      Here is the ComboFix report
      BUT IT DID NOT ASK ME TYPE 1 TO CONTINUE OR 2 TO ABORT !!!!!!


      ComboFix 09-08-02.04 - Delphine HASSAN 03/08/2009 19:15.2.1 - FAT32x86
      Microsoft Windows XP Édition familiale 5.1.2600.3.1252.352.1036.18.511.254 [GMT 2:00]
      Running from: c:\documents and settings\Delphine HASSAN\Bureau\ComboFix.exe
      Command switches used :: c:\documents and settings\Delphine HASSAN\Bureau\CFscript.txt

      WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

      FILE ::
      "c:\docume~1\DELPHI~1\LOCALS~1\Temp\abrp.exe"
      "c:\docume~1\DELPHI~1\LOCALS~1\Temp\cjobut.exe"
      "c:\docume~1\DELPHI~1\LOCALS~1\Temp\winonnym.exe"
      "F:\scaa.cmd"
      .

      ((((((((((((((((((((((((( Files Created from 2009-07-03 to 2009-08-03 )))))))))))))))))))))))))))))))
      .

      2009-07-31 20:39 . 2009-07-31 20:39 -------- d-----w- c:\documents and settings\Delphine HASSAN\Local Settings\Application Data\Yahoo
      2009-07-31 20:35 . 2009-07-31 20:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
      2009-07-31 20:35 . 2009-05-26 19:30 681200 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
      2009-07-31 20:07 . 2009-07-31 20:07 -------- d-----w- c:\program files\Eazel-FR
      2009-07-31 20:07 . 2009-07-31 20:07 -------- d-----w- c:\program files\Conduit
      2009-07-31 20:07 . 2009-07-31 20:07 -------- d-----w- c:\documents and settings\Delphine HASSAN\Local Settings\Application Data\Eazel-FR
      2009-07-31 20:07 . 2009-07-31 20:07 -------- d-----w- c:\documents and settings\Delphine HASSAN\Local Settings\Application Data\Conduit
      2009-07-31 20:07 . 2009-07-31 20:07 -------- d-----w- c:\program files\ESTsoft
      2009-07-31 20:07 . 2009-07-31 20:07 -------- d-----w- c:\documents and settings\Delphine HASSAN\Application Data\ESTsoft
      2009-07-30 16:30 . 2009-07-30 16:30 -------- d-----w- c:\documents and settings\mahamed hassan.NOM-37933E4E8AA\Bureau
      2009-07-29 19:47 . 2009-07-29 19:47 -------- d-----w- c:\program files\Ad-remover
      2009-07-29 17:15 . 2009-07-29 17:15 -------- d-----w- C:\UsbFix
      2009-07-29 16:26 . 2009-07-29 16:26 -------- d-----w- c:\documents and settings\Delphine HASSAN\Application Data\Malwarebytes
      2009-07-29 16:26 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
      2009-07-29 16:26 . 2009-07-29 16:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2009-07-29 16:26 . 2009-07-29 16:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
      2009-07-29 16:26 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
      2009-07-29 16:24 . 2009-07-29 16:24 -------- d-----w- c:\program files\CCleaner
      2009-07-28 20:54 . 2009-07-28 20:54 -------- d-----w- c:\documents and settings\Delphine HASSAN\Local Settings\Application Data\Adobe
      2009-07-26 14:48 . 2004-02-02 08:37 11914 ----a-w- c:\windows\system32\drivers\wg3n.sys
      2009-07-26 14:48 . 2004-02-02 08:51 55891 ----a-w- c:\windows\system32\drivers\Teefer.sys
      2009-07-26 14:48 . 2004-02-02 08:53 18518 ----a-w- c:\windows\system32\drivers\wpsdrvnt.sys
      2009-07-26 14:47 . 2004-02-02 10:06 83096 ----a-w- c:\windows\system32\SSSensor.dll
      2009-07-26 14:47 . 2009-07-26 14:47 -------- d-----w- c:\program files\Sygate
      2009-07-26 14:47 . 2009-07-26 14:47 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
      2009-07-26 11:28 . 2009-07-26 11:28 -------- d-----w- c:\documents and settings\Delphine HASSAN\Local Settings\Application Data\Microsoft
      2009-07-26 10:10 . 2009-07-26 10:10 -------- d-----w- c:\windows\system32\XPSViewer
      2009-07-26 10:10 . 2009-07-26 10:10 -------- d-----w- c:\program files\MSBuild
      2009-07-26 10:10 . 2009-07-26 10:10 -------- d-----w- c:\program files\Reference Assemblies
      2009-07-26 10:09 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
      2009-07-26 10:09 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
      2009-07-26 10:09 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
      2009-07-26 10:09 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
      2009-07-26 10:09 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
      2009-07-26 10:09 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
      2009-07-26 10:09 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
      2009-07-25 21:07 . 2009-07-25 21:07 -------- d-----w- c:\program files\trend micro
      2009-07-25 21:07 . 2009-07-25 21:07 -------- d-----w- C:\rsit
      2009-07-23 20:42 . 2009-07-23 20:42 -------- d-----w- C:\FindyKill
      2009-07-23 19:15 . 2009-07-23 19:15 -------- d-----w- c:\documents and settings\Delphine HASSAN\Application Data\GlarySoft
      2009-07-22 21:24 . 2009-07-22 21:24 -------- d-----w- c:\program files\Enigma Software Group
      2009-07-21 21:06 . 2009-07-21 21:06 -------- d-----w- c:\documents and settings\mahamed hassan.NOM-37933E4E8AA\Local Settings\Application Data\Mozilla
      2009-07-21 17:41 . 2009-07-21 17:41 604416 ----a-w- c:\windows\system32\TUProgSt.exe

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-08-03 16:31 . 2008-07-29 16:39 12 ----a-w- c:\windows\bthservsdp.dat
      2009-07-26 10:17 . 2004-09-20 15:49 86444 ----a-w- c:\windows\system32\perfc00C.dat
      2009-07-26 10:17 . 2004-09-20 15:49 510304 ----a-w- c:\windows\system32\perfh00C.dat
      2009-07-01 14:25 . 2009-07-01 14:25 -------- d-----w- c:\documents and settings\Delphine HASSAN\Application Data\TuneUp Software
      2009-06-29 15:57 . 2004-09-20 15:49 827392 ----a-w- c:\windows\system32\wininet.dll
      2009-06-29 15:57 . 2009-06-26 05:55 78336 ----a-w- c:\windows\system32\ieencode.dll
      2009-06-29 15:57 . 2004-09-20 15:48 17408 ----a-w- c:\windows\system32\corpol.dll
      2009-06-27 12:07 . 2009-06-27 12:07 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
      2009-06-27 12:07 . 2009-06-27 12:07 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
      2009-06-26 05:09 . 2009-06-26 05:09 -------- d-----w- c:\documents and settings\Delphine HASSAN\Application Data\PCToolsFirewallPlus
      2009-06-26 05:09 . 2009-06-26 05:09 -------- d--h--r- c:\documents and settings\Delphine HASSAN\Application Data\yahoo!
      2009-06-25 19:37 . 2009-06-25 19:37 -------- d-----w- c:\documents and settings\mahamed hassan.NOM-37933E4E8AA\Application Data\PCToolsFirewallPlus
      2009-06-25 18:17 . 2009-06-25 18:17 262144 ----a-w- C:\ntuser.dat
      2009-06-18 08:19 . 2009-06-18 08:19 -------- d-----w- c:\program files\Incomplete
      2009-06-16 14:40 . 2004-09-20 15:48 119808 ----a-w- c:\windows\system32\t2embed.dll
      2009-06-16 14:40 . 2004-09-20 15:48 81920 ----a-w- c:\windows\system32\fontsub.dll
      2009-06-03 19:10 . 2004-09-20 15:48 1297408 ----a-w- c:\windows\system32\quartz.dll
      2009-05-07 15:33 . 2004-09-20 15:48 348672 ----a-w- c:\windows\system32\localspl.dll
      .

      ((((((((((((((((((((((((((((( SnapShot@2009-07-29_19.34.18 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2006-12-01 22:46 . 2006-12-01 22:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
      + 2006-12-01 22:08 . 2006-12-01 22:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
      + 2006-12-01 22:08 . 2006-12-01 22:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
      + 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
      + 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
      + 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
      + 2006-12-01 22:08 . 2006-12-01 22:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
      + 2006-12-01 22:08 . 2006-12-01 22:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
      + 2006-12-01 22:08 . 2006-12-01 22:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
      + 2006-12-01 22:08 . 2006-12-01 22:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
      + 2006-12-01 22:26 . 2006-12-01 22:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
      + 2006-12-01 22:25 . 2006-12-01 22:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
      + 2006-12-01 20:56 . 2006-12-01 20:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
      + 2009-08-03 16:32 . 2009-08-03 16:32 16384 c:\windows\Temp\Perflib_Perfdata_5c8.dat
      + 2004-09-20 15:48 . 2009-06-29 15:57 44544 c:\windows\system32\pngfilt.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 44544 c:\windows\system32\pngfilt.dll
      - 2006-11-07 19:03 . 2009-04-29 04:45 52224 c:\windows\system32\msfeedsbs.dll
      + 2006-11-07 19:03 . 2009-06-29 15:57 52224 c:\windows\system32\msfeedsbs.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 27648 c:\windows\system32\jsproxy.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 27648 c:\windows\system32\jsproxy.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 44544 c:\windows\system32\iernonce.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 44544 c:\windows\system32\iernonce.dll
      + 2004-09-20 15:48 . 2009-06-29 11:07 70656 c:\windows\system32\ie4uinit.exe
      - 2004-09-20 15:48 . 2009-04-28 09:06 70656 c:\windows\system32\ie4uinit.exe
      - 2006-10-17 09:58 . 2009-04-29 04:45 63488 c:\windows\system32\icardie.dll
      + 2006-10-17 09:58 . 2009-06-29 15:57 63488 c:\windows\system32\icardie.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 44544 c:\windows\system32\dllcache\pngfilt.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 44544 c:\windows\system32\dllcache\pngfilt.dll
      + 2007-05-10 07:01 . 2009-06-29 15:57 52224 c:\windows\system32\dllcache\msfeedsbs.dll
      - 2007-05-10 07:01 . 2009-04-29 04:45 52224 c:\windows\system32\dllcache\msfeedsbs.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 27648 c:\windows\system32\dllcache\jsproxy.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 27648 c:\windows\system32\dllcache\jsproxy.dll
      - 2007-05-10 07:01 . 2009-04-28 09:06 13824 c:\windows\system32\dllcache\ieudinit.exe
      + 2007-05-10 07:01 . 2009-06-29 11:07 13824 c:\windows\system32\dllcache\ieudinit.exe
      + 2004-09-20 15:48 . 2009-06-29 15:57 44544 c:\windows\system32\dllcache\iernonce.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 44544 c:\windows\system32\dllcache\iernonce.dll
      - 2009-06-26 05:55 . 2009-04-29 04:45 78336 c:\windows\system32\dllcache\ieencode.dll
      + 2009-06-26 05:55 . 2009-06-29 15:57 78336 c:\windows\system32\dllcache\ieencode.dll
      + 2004-09-20 15:48 . 2009-06-29 11:07 70656 c:\windows\system32\dllcache\ie4uinit.exe
      - 2004-09-20 15:48 . 2009-04-28 09:06 70656 c:\windows\system32\dllcache\ie4uinit.exe
      - 2007-08-20 09:59 . 2009-04-29 04:45 63488 c:\windows\system32\dllcache\icardie.dll
      + 2007-08-20 09:59 . 2009-06-29 15:57 63488 c:\windows\system32\dllcache\icardie.dll
      + 2009-06-29 15:57 . 2009-06-29 15:57 17408 c:\windows\system32\dllcache\corpol.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 44544 c:\windows\ie7updates\KB972260-IE7\pngfilt.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 52224 c:\windows\ie7updates\KB972260-IE7\msfeedsbs.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 27648 c:\windows\ie7updates\KB972260-IE7\jsproxy.dll
      + 2009-07-30 06:14 . 2009-04-28 09:06 13824 c:\windows\ie7updates\KB972260-IE7\ieudinit.exe
      + 2009-07-30 06:14 . 2009-04-29 04:45 44544 c:\windows\ie7updates\KB972260-IE7\iernonce.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 78336 c:\windows\ie7updates\KB972260-IE7\ieencode.dll
      + 2009-07-30 06:14 . 2009-04-28 09:06 70656 c:\windows\ie7updates\KB972260-IE7\ie4uinit.exe
      + 2009-07-30 06:14 . 2009-04-29 04:45 63488 c:\windows\ie7updates\KB972260-IE7\icardie.dll
      + 2009-07-30 06:14 . 2008-04-14 02:33 35328 c:\windows\ie7updates\KB972260-IE7\corpol.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 233472 c:\windows\system32\webcheck.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 233472 c:\windows\system32\webcheck.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 105984 c:\windows\system32\url.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 105984 c:\windows\system32\url.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 102912 c:\windows\system32\occache.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 102912 c:\windows\system32\occache.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 671232 c:\windows\system32\mstime.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 671232 c:\windows\system32\mstime.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 193024 c:\windows\system32\msrating.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 193024 c:\windows\system32\msrating.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 477696 c:\windows\system32\mshtmled.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 477696 c:\windows\system32\mshtmled.dll
      + 2006-11-07 19:03 . 2009-06-29 15:57 459264 c:\windows\system32\msfeeds.dll
      - 2006-11-07 19:03 . 2009-04-29 04:45 459264 c:\windows\system32\msfeeds.dll
      - 2006-10-17 09:57 . 2009-04-29 04:45 268288 c:\windows\system32\iertutil.dll
      + 2006-10-17 09:57 . 2009-06-29 15:57 268288 c:\windows\system32\iertutil.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 385024 c:\windows\system32\iedkcs32.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 385024 c:\windows\system32\iedkcs32.dll
      + 2006-10-17 09:27 . 2009-06-29 15:57 380928 c:\windows\system32\ieapfltr.dll
      - 2004-09-20 15:48 . 2009-04-25 05:26 161792 c:\windows\system32\ieakui.dll
      + 2004-09-20 15:48 . 2009-06-29 08:33 161792 c:\windows\system32\ieakui.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 230400 c:\windows\system32\ieaksie.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 230400 c:\windows\system32\ieaksie.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 153088 c:\windows\system32\ieakeng.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 153088 c:\windows\system32\ieakeng.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 133120 c:\windows\system32\extmgr.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 133120 c:\windows\system32\extmgr.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 214528 c:\windows\system32\Dxtrans.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 214528 c:\windows\system32\Dxtrans.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 347136 c:\windows\system32\dxtmsft.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 347136 c:\windows\system32\dxtmsft.dll
      + 2004-09-20 17:49 . 2009-06-29 15:57 827392 c:\windows\system32\dllcache\wininet.dll
      - 2004-09-20 17:49 . 2009-04-29 04:45 827392 c:\windows\system32\dllcache\wininet.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 233472 c:\windows\system32\dllcache\webcheck.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 233472 c:\windows\system32\dllcache\webcheck.dll
      - 2004-09-20 17:48 . 2009-04-29 04:45 105984 c:\windows\system32\dllcache\url.dll
      + 2004-09-20 17:48 . 2009-06-29 15:57 105984 c:\windows\system32\dllcache\url.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 102912 c:\windows\system32\dllcache\occache.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 102912 c:\windows\system32\dllcache\occache.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 671232 c:\windows\system32\dllcache\mstime.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 671232 c:\windows\system32\dllcache\mstime.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 193024 c:\windows\system32\dllcache\msrating.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 193024 c:\windows\system32\dllcache\msrating.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 477696 c:\windows\system32\dllcache\mshtmled.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 477696 c:\windows\system32\dllcache\mshtmled.dll
      - 2007-05-10 07:01 . 2009-04-29 04:45 459264 c:\windows\system32\dllcache\msfeeds.dll
      + 2007-05-10 07:01 . 2009-06-29 15:57 459264 c:\windows\system32\dllcache\msfeeds.dll
      + 2005-04-25 08:01 . 2009-06-29 08:35 634632 c:\windows\system32\dllcache\iexplore.exe
      + 2007-05-10 07:01 . 2009-06-29 15:57 268288 c:\windows\system32\dllcache\iertutil.dll
      - 2007-05-10 07:01 . 2009-04-29 04:45 268288 c:\windows\system32\dllcache\iertutil.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 385024 c:\windows\system32\dllcache\iedkcs32.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 385024 c:\windows\system32\dllcache\iedkcs32.dll
      + 2007-05-10 07:01 . 2009-06-29 15:57 380928 c:\windows\system32\dllcache\ieapfltr.dll
      + 2004-09-20 15:48 . 2009-06-29 08:33 161792 c:\windows\system32\dllcache\ieakui.dll
      - 2004-09-20 15:48 . 2009-04-25 05:26 161792 c:\windows\system32\dllcache\ieakui.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 230400 c:\windows\system32\dllcache\ieaksie.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 230400 c:\windows\system32\dllcache\ieaksie.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 153088 c:\windows\system32\dllcache\ieakeng.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 153088 c:\windows\system32\dllcache\ieakeng.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 133120 c:\windows\system32\dllcache\extmgr.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 133120 c:\windows\system32\dllcache\extmgr.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 214528 c:\windows\system32\dllcache\dxtrans.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 214528 c:\windows\system32\dllcache\dxtrans.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 347136 c:\windows\system32\dllcache\dxtmsft.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 347136 c:\windows\system32\dllcache\dxtmsft.dll
      - 2004-09-20 17:48 . 2009-04-29 04:45 124928 c:\windows\system32\dllcache\advpack.dll
      + 2004-09-20 17:48 . 2009-06-29 15:57 124928 c:\windows\system32\dllcache\advpack.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 124928 c:\windows\system32\advpack.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 124928 c:\windows\system32\advpack.dll
      + 2009-07-31 20:35 . 2009-07-31 20:35 331264 c:\windows\Installer\279e2e.msi
      + 2009-03-20 09:48 . 2009-03-20 09:48 183808 c:\windows\Installer\12c613f.msp
      + 2009-07-30 06:14 . 2009-04-29 04:45 827392 c:\windows\ie7updates\KB972260-IE7\wininet.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 233472 c:\windows\ie7updates\KB972260-IE7\webcheck.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 105984 c:\windows\ie7updates\KB972260-IE7\url.dll
      + 2009-07-30 06:14 . 2009-05-26 11:40 406392 c:\windows\ie7updates\KB972260-IE7\spuninst\updspapi.dll
      + 2009-07-30 06:14 . 2008-07-08 13:03 234872 c:\windows\ie7updates\KB972260-IE7\spuninst\spuninst.exe
      + 2009-07-30 06:14 . 2009-04-29 04:45 102912 c:\windows\ie7updates\KB972260-IE7\occache.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 671232 c:\windows\ie7updates\KB972260-IE7\mstime.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 193024 c:\windows\ie7updates\KB972260-IE7\msrating.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 477696 c:\windows\ie7updates\KB972260-IE7\mshtmled.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 459264 c:\windows\ie7updates\KB972260-IE7\msfeeds.dll
      + 2009-07-30 06:14 . 2009-04-25 05:27 636088 c:\windows\ie7updates\KB972260-IE7\iexplore.exe
      + 2009-07-30 06:14 . 2009-04-29 04:45 268288 c:\windows\ie7updates\KB972260-IE7\iertutil.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 385024 c:\windows\ie7updates\KB972260-IE7\iedkcs32.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 383488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dll
      + 2009-07-30 06:14 . 2009-04-25 05:26 161792 c:\windows\ie7updates\KB972260-IE7\ieakui.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 230400 c:\windows\ie7updates\KB972260-IE7\ieaksie.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 153088 c:\windows\ie7updates\KB972260-IE7\ieakeng.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 133120 c:\windows\ie7updates\KB972260-IE7\extmgr.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 214528 c:\windows\ie7updates\KB972260-IE7\dxtrans.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 347136 c:\windows\ie7updates\KB972260-IE7\dxtmsft.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 124928 c:\windows\ie7updates\KB972260-IE7\advpack.dll
      + 2006-12-01 22:25 . 2006-12-01 22:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
      + 2006-12-01 22:25 . 2006-12-01 22:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
      + 2004-09-20 15:48 . 2009-06-29 15:57 1159680 c:\windows\system32\urlmon.dll
      - 2004-09-20 15:48 . 2009-04-29 04:45 1159680 c:\windows\system32\urlmon.dll
      + 2004-09-20 15:48 . 2009-07-19 13:29 3597824 c:\windows\system32\mshtml.dll
      + 2006-11-07 19:03 . 2009-07-19 13:29 6067200 c:\windows\system32\ieframe.dll
      + 2006-09-05 21:01 . 2009-06-29 08:33 2452872 c:\windows\system32\ieapfltr.dat
      + 2004-09-20 17:48 . 2009-06-29 15:57 1159680 c:\windows\system32\dllcache\urlmon.dll
      - 2004-09-20 17:48 . 2009-04-29 04:45 1159680 c:\windows\system32\dllcache\urlmon.dll
      + 2004-09-20 15:48 . 2009-07-19 13:29 3597824 c:\windows\system32\dllcache\mshtml.dll
      + 2007-05-10 07:01 . 2009-07-19 13:29 6067200 c:\windows\system32\dllcache\ieframe.dll
      + 2007-05-10 07:01 . 2009-06-29 08:33 2452872 c:\windows\system32\dllcache\ieapfltr.dat
      + 2009-07-30 06:14 . 2009-04-29 04:45 1159680 c:\windows\ie7updates\KB972260-IE7\urlmon.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 3596288 c:\windows\ie7updates\KB972260-IE7\mshtml.dll
      + 2009-07-30 06:14 . 2009-04-29 04:45 6066176 c:\windows\ie7updates\KB972260-IE7\ieframe.dll
      + 2009-07-30 06:14 . 2008-07-09 14:25 2455488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dat
      .
      -- Snapshot reset to current date --
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
      "{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}"= "c:\program files\Eazel-FR\tbEaze.dll" [2009-07-02 2215960]

      [HKEY_CLASSES_ROOT\clsid\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]
      2009-07-02 08:18 2215960 ----a-w- c:\program files\Eazel-FR\tbEaze.dll

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}"= "c:\program files\Eazel-FR\tbEaze.dll" [2009-07-02 2215960]

      [HKEY_CLASSES_ROOT\clsid\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
      "{A8F9752D-E2B8-4E7A-86B5-499F4330E2FE}"= "c:\program files\Eazel-FR\tbEaze.dll" [2009-07-02 2215960]

      [HKEY_CLASSES_ROOT\clsid\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
      "PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2005-04-20 917504]
      "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-26 4429040]
      "Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
      "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 222616]
      "SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-02-24 2446488]
      "YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
      "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 723880]
      "ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [2002-08-19 435816]
      "Symantec NetDriver Warning"="c:\progra~1\SYMNET~1\SNDWarn.exe" [2004-10-29 500856]

      c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
      ASUS ChkMail.lnk - c:\program files\Asus\Asus ChkMail\ChkMail.exe [2005-4-25 106496]
      hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 106496]
      hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 225280]
      Supervision de Photo Loader.lnk - c:\program files\CASIO\Photo Loader\Plauto.exe [2005-8-1 294912]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
      "DisableTaskMgr"= 1 (0x1)
      "DisableRegistryTools"= 1 (0x1)

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "wave1"=SMNT40.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
      "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusOverride"=dword:00000001
      "FirewallOverride"=dword:00000001
      "UacDisableNotify"=dword:00000001
      "UpdatesDisableNotify"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
      "AntiVirusOverride"=dword:00000001
      "AntiVirusDisableNotify"=dword:00000001
      "FirewallDisableNotify"=dword:00000001
      "FirewallOverride"=dword:00000001
      "UpdatesDisableNotify"=dword:00000001
      "UacDisableNotify"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\Program Files\\LimeWire\\LimeWire.exe"=
      "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
      "c:\\Program Files\\Free.fr\\connect.exe"=
      "c:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe"=
      "c:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe"=
      "c:\\Program Files\\Symantec\\LiveUpdate\\NDETECT.EXE"=
      "c:\\Program Files\\Symantec\\LiveUpdate\\AUpdate.exe"=
      "c:\\Program Files\\Ahead\\Nero StartSmart\\NeroStartSmart.exe"=
      "c:\\Program Files\\Microsoft Office\\Office\\OSA9.EXE"=
      "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpohmr08.exe"=
      "c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
      "c:\\Program Files\\CASIO\\Photo Loader\\Plauto.exe"=
      "c:\\Program Files\\Asus\\Asus ChkMail\\ChkMail.exe"=

      [HKLM\~\Services\\SERVIC~1.EXE"=]
      "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpotdd01.exe"=
      "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoevm08.exe"=
      "c:\\PROGRA~1\\YAHOO!\\Companion\\Installs\\cpn\\ytbb.exe"=
      "c:\\PROGRA~1\\FICHIE~1\\INSTAL~1\\engine\\6\\INTEL3~1\\iKernel.exe"=
      "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
      "c:\\UsbFix\\Tools\\Kill.exe"=
      "c:\\UsbFix\\Tools\\Kill_P.exe"=
      "c:\\WINDOWS\\system32\\cmd.exe"=
      "c:\\PROGRA~1\\Sygate\\SPF\\smc.exe"=
      "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

      R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [21/02/2009 12:11 55152]
      R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\ejejne.sys --> c:\windows\system32\drivers\ejejne.sys [?]
      R3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\drivers\fbxusb.sys [31/12/2003 11:35 18848]
      S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 607088]
      .
      Contents of the 'Scheduled Tasks' folder

      2009-07-30 c:\windows\Tasks\AppleSoftwareUpdate.job
      - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

      2009-07-30 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series854FF0989A4AA23B58D69D1FF20212903A329E7F122828695.job
      - c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

      2009-08-03 c:\windows\Tasks\GlaryInitialize.job
      - d:\glary utilities\initialize.exe [2009-07-23 14:55]

      2009-08-03 c:\windows\Tasks\Symantec NetDetect.job
      - c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2008-05-24 14:07]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://fr.yahoo.com
      uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
      mStart Page = hxxp://fr.yahoo.com
      uInternet Connection Wizard,ShellNext = iexplore
      uInternet Settings,ProxyOverride = <local>
      uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
      IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
      DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
      .

      **************************************************************************

      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-08-03 19:21
      Windows 5.1.2600 Service Pack 3 FAT NTAPI

      scanning hidden processes ...

      scanning hidden autostart entries ...

      scanning hidden files ...

      scan completed successfully
      hidden files: 0

      **************************************************************************
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      - - - - - - - > 'explorer.exe'(944)
      c:\windows\system32\WPDShServiceObj.dll
      c:\windows\system32\PortableDeviceTypes.dll
      c:\windows\system32\PortableDeviceApi.dll
      c:\windows\system32\eappprxy.dll
      .
      Completion time: 2009-08-03 19:24
      ComboFix-quarantined-files.txt 2009-08-03 17:24
      ComboFix2.txt 2009-07-29 19:39

      Pre-Run: 1 963 851 776 octets libres
      Post-Run: 2 101 608 448 octets libres

      Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
      379 --- E O F --- 2009-08-02 21:21

      I'm continuing
      1. mayadina > mayadina
         
        uh, impossible to download these pages, it keeps loading and loading, but nothing opens.....

        I'll come back later

        thanks
      2. mayadina > mayadina
         
        pfff, none of the links for the scan will open.
  2. jlpjlp Posts: 52399 Status: Security contributor 5 041
     
    ok, download: dr web cureit. And paste a report from it. See you later
  3. jlpjlp Posts: 52399 Status: Security contributor 5 041
     
    do message 41 with dr web cure it
    1. mayadina
       
      it took a long time, but I can't manage to send you the report, it is very long.

      I'm going to try to post it in 3 messages
  4. mayadina
     
    Uh no, it would take 20 messages, it comes to 224k, the best is by mail if you want.
  6. jlpjlp Posts: 52399 Status: Security contributor 5 041
     
    ok, what infection did it find?

    otherwise redo a dr web or an online scan (if virut is found, don't do bitdefender) to check, and paste the report

    how is your pc doing?

    what are the problems?