Impossible de suprimer page d'accueil

salut fidraman , j'ai suivi la procédure qu te m'a indiqué mais la valeur que tu m'as donné existe deja par copier coller je l'ai remplacé jai ouvert mon IE jai remplacé la page en question par google, fermer, relancer une autre fois IE le pb est tjrs là!

salut
alors suiver ce chemin sur le registre même :
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Internet Explorer/Main

et recherche (à droite) la clé Start Page , supprime la, et re creer la comme suit :
clique droit sur e dosser Main (à gauhe) ==> nouveau ==> valeur chaine ==> nommer la valeur Start Page ==> donner la la valeur : https://www.google.com/?gws_rd=ssl par exemple ou le siteweb que tu le veut etre ta page de démarage.
bonne chance.

salut tjrs pas de resultat espéré

bonsoir pour l'antivirus j'ai kis 7 auquel je fait confiance car j'ai jamais eu un pb d'attaque virale ça ne m'empêche pas d'admettre ton hypothèse merci

bsoir je vais essayé ça va prendre un de temps mais il faut le faire !

bonsoir, pour l'analyse que j'ai effectué par kis7 il a detecté ce qui suit:
autorisés : adresse d'un site de filoutage https://www.emailmeform.com/ URL: https://www.emailmeform.com/builder/form/416320
découvert : cheval de Troie Trojan.Win32.VB.acme Le fichier: C:\latestistefada\MSSCCPRJ.OCX

bsoir ccmistes, aidez moi à résoudre ce pb de cette page d'acceuil maudite et génante j'arrive pas à trouver un issu de secours! merci pour d'avance pour vos efforts

diagnostic de hijakthis:Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:19, on 17/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS.0\system32\HPZipm12.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\system32\hkcmd.exe
C:\WINDOWS.0\VM_STI.EXE
C:\Program Files\Custom Skin Clock\Clock.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\WINDOWS.0\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Common Files\Mdn2.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS.0\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Menara\dslmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS.0\system32\NOTEPAD.EXE
C:\WINDOWS.0\system32\NOTEPAD.EXE
C:\WINDOWS.0\system32\msiexec.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://telecharger-sans-limite.com/Tous/Google/Google.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://telecharger-sans-limite.com/Tous/Google/Google.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://telecharger-sans-limite.com/Tous/Google/Google.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.ma/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.ma/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8A321C7D-9CED-45A8-870D-DAE843A45FD0} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS.0\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS.0\system32\hkcmd.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS.0\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [Custom Skin Clock] C:\Program Files\Custom Skin Clock\Clock.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [VistaStart1.3] C:\WINDOWS.0\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Wah] C:\Program Files\Common Files\Mdn2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS.0\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Statistiques d'Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\armor2net\armor2net personal firewall\netdog.dll' missing
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - https://www.agame.com/?utm_source=spildomains&utm_medium=redirect&utm_campaign=powersoccer.agame.com
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{468DF9BE-FA00-41F8-9BCE-33DEBE9B46E8}: NameServer = 62.251.229.237 62.251.229.223
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS.0\system32\Browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS.0\system32\Browseui.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS.0\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS.0\system32\services.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS.0\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS.0\system32\mnmsrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS.0\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS.0\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS.0\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS.0\System32\SCardSvr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS.0\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS.0\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS.0\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

slut , voici rapport complet RSIT:
Logfile of random's system information tool 1.07 (written by random/random)
Run by Administrateur at 2010-05-17 22:48:11
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 11 GB (27%) free of 40 GB
Total RAM: 510 MB (33% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS.0\tasks\AppleSoftwareUpdate.job
C:\WINDOWS.0\tasks\OGALogon.job
C:\WINDOWS.0\tasks\Uniblue SpyEraser.job
C:\WINDOWS.0\tasks\User_Feed_Synchronization-{8B18BC25-12A6-43DF-8D1E-82D4E9B84898}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-03-24 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A321C7D-9CED-45A8-870D-DAE843A45FD0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b69a9db4-d0a1-4722-b56b-f20757a29cdf}]
Live TV Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{b69a9db4-d0a1-4722-b56b-f20757a29cdf} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS.0\system32\igfxtray.exe [2005-10-19 155648]
"HotKeysCmds"=C:\WINDOWS.0\system32\hkcmd.exe [2005-10-19 126976]
"BigDogPath"=C:\WINDOWS.0\VM_STI.EXE [2005-04-27 40960]
"Custom Skin Clock"=C:\Program Files\Custom Skin Clock\Clock.exe [2007-11-23 712704]
"RemoteControl"=C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe [2003-10-31 32768]
"VistaStart1.3"=C:\WINDOWS.0\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe [2006-03-20 510464]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"USB Antivirus"=C:\Program Files\USB Disk Security\USBGuard.exe [2008-09-23 798720]
"ClocX"=C:\Program Files\ClocX\ClocX.exe [2004-04-13 103936]
"Wah"=C:\Program Files\Common Files\Mdn2.exe [2009-04-06 298496]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-12-12 198160]
"Athan"=C:\Program Files\Athan\Athan.exe [2010-03-27 1122304]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2007-06-28 218376]
"NeroFilterCheck"=C:\WINDOWS.0\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS.0\system32\ctfmon.exe [2008-04-13 25088]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrateur.POSTE1^Menu Démarrer^Programmes^Démarrage^YahooMessenger.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS.0^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS.0^Menu Démarrer^Programmes^Démarrage^Hyperappel du Petit Larousse 2009.lnk]
C:\PROGRA~1\Larousse\PETITL~1\bin\HYPERA~1.EXE [2008-04-15 237568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS.0^Menu Démarrer^Programmes^Démarrage^WinZip Quick Pick.lnk]
C:\PROGRA~1\WinZip\WZQKPICK.EXE [2007-06-06 394856]

C:\Documents and Settings\All Users.WINDOWS.0\Menu Démarrer\Programmes\Démarrage
DSLMON.lnk - C:\Program Files\Menara\dslmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS.0\system32\igfxsrvc.dll [2005-10-19 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS.0\system32\klogon.dll [2007-06-28 206088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS.0\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.0\system32\WPDShServiceObj.dll [2007-11-21 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Ace Translator\AceTrans.exe"="C:\Program Files\Ace Translator\AceTrans.exe:*:Enabled:Ace Translator"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Ace Translator\AceTrans.exe"="C:\Program Files\Ace Translator\AceTrans.exe:*:Enabled:Ace Translator"

======List of files/folders created in the last 1 months======

2010-05-17 21:32:01 ----D---- C:\rsit
2010-05-17 00:39:33 ----A---- C:\WINDOWS.0\system32\TwnLib20.dll
2010-05-17 00:39:30 ----N---- C:\WINDOWS.0\system32\ImagXRA7.dll
2010-05-17 00:39:30 ----N---- C:\WINDOWS.0\system32\ImagXR7.dll
2010-05-17 00:39:30 ----N---- C:\WINDOWS.0\system32\ImagXpr7.dll
2010-05-17 00:39:30 ----N---- C:\WINDOWS.0\system32\ImagX7.dll
2010-05-17 00:39:29 ----A---- C:\WINDOWS.0\system32\NeroCheck.exe
2010-05-15 23:07:03 ----D---- C:\Program Files\Trend Micro
2010-05-13 09:16:53 ----HDC---- C:\WINDOWS.0\$NtUninstallKB978542$
2010-05-12 17:59:08 ----D---- C:\Program Files\Kaspersky Lab
2010-05-11 22:46:36 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Sun
2010-05-11 22:46:33 ----D---- C:\Program Files\Fichiers communs\Java
2010-05-11 22:46:01 ----A---- C:\WINDOWS.0\system32\javaws.exe
2010-05-11 22:46:01 ----A---- C:\WINDOWS.0\system32\javaw.exe
2010-05-11 22:46:01 ----A---- C:\WINDOWS.0\system32\java.exe
2010-05-11 22:46:01 ----A---- C:\WINDOWS.0\system32\deployJava1.dll
2010-05-11 13:14:14 ----D---- C:\Documents and Settings\Administrateur.POSTE1\Application Data\QA International
2010-05-11 13:12:29 ----A---- C:\WINDOWS.0\unvise32.exe
2010-05-09 15:54:40 ----A---- C:\WINDOWS.0\system32\d3dx9_27.dll
2010-04-23 16:49:11 ----D---- C:\Program Files\Fichiers communs\Windows Live

======List of files/folders modified in the last 1 months======

2010-05-17 22:42:02 ----D---- C:\WINDOWS.0\Temp
2010-05-17 22:34:16 ----D---- C:\WINDOWS.0\system32\CatRoot2
2010-05-17 22:34:11 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Kaspersky Lab
2010-05-17 22:34:07 ----D---- C:\WINDOWS.0
2010-05-17 22:30:49 ----A---- C:\WINDOWS.0\SchedLgU.Txt
2010-05-17 22:12:58 ----D---- C:\WINDOWS.0\Prefetch
2010-05-17 22:07:21 ----HD---- C:\Config.Msi
2010-05-17 22:07:19 ----SHD---- C:\WINDOWS.0\Installer
2010-05-17 22:07:19 ----SD---- C:\Documents and Settings\Administrateur.POSTE1\Application Data\Microsoft
2010-05-17 16:18:19 ----D---- C:\Program Files\Micro Application
2010-05-17 15:40:16 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-17 15:33:13 ----D---- C:\WINDOWS.0\system32
2010-05-17 14:21:06 ----A---- C:\WINDOWS.0\NeroDigital.ini
2010-05-17 00:40:23 ----D---- C:\WINDOWS.0\system32\drivers
2010-05-17 00:39:34 ----D---- C:\Program Files\Ahead
2010-05-17 00:39:27 ----D---- C:\Program Files\Fichiers communs\Ahead
2010-05-16 22:16:39 ----D---- C:\Documents and Settings\Administrateur.POSTE1\Application Data\uTorrent
2010-05-16 20:48:17 ----D---- C:\latestistefada
2010-05-16 11:08:19 ----D---- C:\WINDOWS.0\Debug
2010-05-15 23:07:03 ----D---- C:\Program Files
2010-05-15 13:27:24 ----SH---- C:\boot.ini
2010-05-15 13:27:24 ----A---- C:\WINDOWS.0\win.ini
2010-05-15 13:27:24 ----A---- C:\WINDOWS.0\system.ini
2010-05-13 09:22:17 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Microsoft Help
2010-05-13 09:17:47 ----HD---- C:\WINDOWS.0\inf
2010-05-13 09:17:03 ----RSHDC---- C:\WINDOWS.0\system32\dllcache
2010-05-13 09:17:02 ----D---- C:\Program Files\Outlook Express
2010-05-12 08:32:09 ----HD---- C:\WINDOWS.0\$hf_mig$
2010-05-11 22:46:33 ----D---- C:\Program Files\Fichiers communs
2010-05-11 22:45:45 ----D---- C:\Program Files\Java
2010-05-11 18:36:25 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Kaspersky Lab Setup Files
2010-05-09 15:54:56 ----D---- C:\WINDOWS.0\system32\DirectX
2010-05-09 15:54:53 ----RSD---- C:\WINDOWS.0\assembly
2010-05-09 15:54:47 ----D---- C:\WINDOWS.0\Microsoft.NET
2010-04-30 11:51:08 ----A---- C:\WINDOWS.0\system32\MRT.exe
2010-04-23 21:12:34 ----D---- C:\WINDOWS.0\system32\CatRoot
2010-04-23 16:49:03 ----SD---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Microsoft
2010-04-22 22:31:00 ----SHD---- C:\System Volume Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS.0\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS.0\system32\Drivers\eusk2par.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS.0\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 klif;Klif; \??\C:\WINDOWS.0\system32\drivers\klif.sys []
R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS.0\system32\DRIVERS\e4usbaw.sys [2006-05-04 114616]
R3 ialm;ialm; C:\WINDOWS.0\system32\DRIVERS\ialmnt5.sys [2005-10-19 807998]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS.0\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS.0\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS.0\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS.0\system32\drivers\vinyl97.sys [2006-04-01 163712]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS.0\System32\Drivers\e4ldr.sys [2006-03-02 63555]
S3 a6ax7gbo;a6ax7gbo; C:\WINDOWS.0\system32\drivers\a6ax7gbo.sys []
S3 adywoljl;adywoljl; C:\WINDOWS.0\system32\drivers\adywoljl.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS.0\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS.0\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS.0\system32\DRIVERS\btnetdrv.sys []
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS.0\system32\DRIVERS\vbtenum.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS.0\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ElbyCDFL;ElbyCDFL; C:\WINDOWS.0\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS.0\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS.0\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS.0\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS.0\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 mouhid;Pilote HID de souris; C:\WINDOWS.0\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS.0\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS.0\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS.0\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS.0\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS.0\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS.0\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS.0\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS.0\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS.0\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS.0\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS.0\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS.0\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS.0\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS.0\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS.0\System32\Drivers\VcommMgr.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS.0\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS.0\system32\DRIVERS\wpdusb.sys [2007-11-21 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS.0\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.0\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 ZSMC302;VIMICRO USB PC Camera; C:\WINDOWS.0\System32\Drivers\usbVM31b.sys [2005-04-27 90568]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS.0\System32\drivers\ws2ifsl.sys [2001-08-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2007-06-28 218376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS.0\system32\HPZipm12.exe [2004-09-29 69632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.0\system32\svchost.exe [2008-04-13 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [2009-10-07 129856]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.21006\aspnet_state.exe [2009-10-07 35144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-11-03 918016]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe [2009-10-07 752984]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS.0\Microsoft.NET\Framework\v4.0.21006\SMSvcHost.exe [2009-10-07 124224]

-----------------EOF-----------------

salut j'ai installé malwarebytes maintenant est en excution pour faire un examen complet de mon pc une fois terminé je posterai le rappot : 29 min ecoulé du diagnostic 10 elements infectés .......

salut le rapport de malwarebytes:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

19/05/2010 14:44:10
mbam-log-2010-05-19 (14-44-10).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 268670
Temps écoulé: 6 heure(s), 19 minute(s), 15 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 29
Fichier(s) infecté(s): 39

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\fatawaa_lajna_wa_imameen_01.mynshandler (Spyware.AdaEbook) -> No action taken.
HKEY_CLASSES_ROOT\quran_tafseer_05.mynshandler (Spyware.AdaEbook) -> No action taken.
HKEY_CLASSES_ROOT\secrets of windows xp.mynshandler (Spyware.AdaEbook) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e8cfc029-8420-4eae-adef-915bdc77e1dc} (Spyware.AdaEbook) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Live_TV (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\xprepairpro2007 (Rogue.XPRepairPro2007) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Live_TV (Trojan.Agent) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SalesMonitor\Data (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Cleaner (Rogue.Ultimate.Cleaner) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Cleaner\logs (Rogue.Ultimate.Cleaner) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Defender (Rogue.Ultimate.Defender) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Defender\logs (Rogue.Ultimate.Defender) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Fixer (Rogue.Ultimate.Fixer) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Fixer\backup (Rogue.Ultimate.Fixer) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Fixer\logs (Rogue.Ultimate.Fixer) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\WinAntiSpyware 2007 (Rogue.WinAntiSpyware) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\WinAntiSpyware 2007\Logs (Rogue.WinAntiSpyware) -> No action taken.
C:\Program Files\Fichiers communs\WinAntiSpyware 2007 Free (Rogue.WinAntiSpyware) -> No action taken.
C:\Program Files\180searchassistant (Adware.180Solutions) -> No action taken.
C:\Program Files\180searchassistant\180SA (Adware.180Solutions) -> No action taken.
C:\Program Files\Bifrost (Backdoor.Bifrose) -> No action taken.
C:\Program Files\Instant Access (Adware.EGDAccess) -> No action taken.
C:\Program Files\Instant Access\Center (Adware.EGDAccess) -> No action taken.
C:\Program Files\NewDotNet (Adware.NewDotNet) -> No action taken.
C:\Program Files\Ofb1 (Adware.OwlForce) -> No action taken.
C:\Program Files\Ultimate Defender (Rogue.Ultimate.Defender) -> No action taken.
C:\Program Files\Ultimate Fixer (Rogue.Ultimate.Fixer) -> No action taken.
C:\Program Files\whInstall (Adware.WebHancer) -> No action taken.
C:\UGA6P (Rogue.Multiple) -> No action taken.
C:\UGA6P\Quar (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\CacheIcons (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\CacheIcons (Trojan.Agent) -> Files: 1455 -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\RadioPlayer (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss (Trojan.Agent) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur.POSTE1\Application Data\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> No action taken.
C:\System Volume Information\_restore{29BFBF46-669B-4A0F-ADB3-3443549B349F}\RP364\A0375363.exe (Backdoor.IRCBot) -> No action taken.
C:\System Volume Information\_restore{29BFBF46-669B-4A0F-ADB3-3443549B349F}\RP383\A0393973.exe (Rogue.Multiple) -> No action taken.
C:\Program Files\Adobe\Adobe Photoshop CS3\Msvcrt.dll (Malware.Packer.Gen) -> No action taken.
C:\Program Files\Adobe\Adobe Photoshop CS3\Shfolder.dll (Trojan.Agent) -> No action taken.
D:\fatawaa_lajna_wa_imameen_01.exe (Spyware.AdaEbook) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Defender\logs\1172083749.log (Rogue.Ultimate.Defender) -> No action taken.
C:\Documents and Settings\Administrateur\Application Data\WinAntiSpyware 2007\Logs\update.log (Rogue.WinAntiSpyware) -> No action taken.
C:\Program Files\Fichiers communs\WinAntiSpyware 2007 Free\up.dat (Rogue.WinAntiSpyware) -> No action taken.
C:\Program Files\Instant Access\Center\Crazy Girls.upd (Adware.EGDAccess) -> No action taken.
C:\Program Files\Instant Access\Center\SERIALPLAYERS.upd (Adware.EGDAccess) -> No action taken.
C:\Program Files\Instant Access\Center\tray1.ico (Adware.EGDAccess) -> No action taken.
C:\Program Files\NewDotNet\newdotnet7_48.dll (Adware.NewDotNet) -> No action taken.
C:\Program Files\Ultimate Defender\udefender.pkg (Rogue.Ultimate.Defender) -> No action taken.
C:\Program Files\whInstall\license.txt (Adware.WebHancer) -> No action taken.
C:\Program Files\whInstall\readme.txt (Adware.WebHancer) -> No action taken.
C:\Program Files\whInstall\Sporder.dll (Adware.WebHancer) -> No action taken.
C:\Program Files\whInstall\whAgent.inf (Adware.WebHancer) -> No action taken.
C:\Program Files\whInstall\whAgent.ini (Adware.WebHancer) -> No action taken.
C:\Program Files\whInstall\whInstaller.ini (Adware.WebHancer) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\LanguagePack.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\LocalSettings.txt (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\ThirdPartyComponents.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\update.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\RadioPlayer\Predefined_Media_List.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\RadioPlayer\User_Media_List.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_structured.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_structured.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_structured.xml (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Administrateur.POSTE1\Application Data\addon.dat (Malware.Trace) -> No action taken.
C:\Documents and Settings\Administrateur\Bureau\WinAntiSpyware 2007.lnk (Rogue.WinAntiSpyware) -> No action taken.
C:\.protected (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk (Rogue.Link) -> No action taken.
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\.protected (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\.protected (Rogue.Multiple) -> No action taken.
C:\WINDOWS.0\explorer.backup (Heuristics.Reserved.Word.Exploit) -> No action taken.

salut le rapport d'analyse après avoir supprimé les element infectés:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

19/05/2010 14:50:28
mbam-log-2010-05-19 (14-50-28).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 268670
Temps écoulé: 6 heure(s), 19 minute(s), 15 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 29
Fichier(s) infecté(s): 39

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\fatawaa_lajna_wa_imameen_01.mynshandler (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\quran_tafseer_05.mynshandler (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\secrets of windows xp.mynshandler (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e8cfc029-8420-4eae-adef-915bdc77e1dc} (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Live_TV (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\xprepairpro2007 (Rogue.XPRepairPro2007) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Live_TV (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMonitor\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Cleaner (Rogue.Ultimate.Cleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Cleaner\logs (Rogue.Ultimate.Cleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Defender (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Defender\logs (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Fixer (Rogue.Ultimate.Fixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Fixer\backup (Rogue.Ultimate.Fixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Fixer\logs (Rogue.Ultimate.Fixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\WinAntiSpyware 2007 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\WinAntiSpyware 2007\Logs (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\WinAntiSpyware 2007 Free (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\180searchassistant (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\180searchassistant\180SA (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet (Adware.NewDotNet) -> Quarantined and deleted successfully.
C:\Program Files\Ofb1 (Adware.OwlForce) -> Quarantined and deleted successfully.
C:\Program Files\Ultimate Defender (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully.
C:\Program Files\Ultimate Fixer (Rogue.Ultimate.Fixer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\UGA6P (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\UGA6P\Quar (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\CacheIcons (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\CacheIcons (Trojan.Agent) -> Files: 1455 -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\RadioPlayer (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur.POSTE1\Application Data\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{29BFBF46-669B-4A0F-ADB3-3443549B349F}\RP364\A0375363.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{29BFBF46-669B-4A0F-ADB3-3443549B349F}\RP383\A0393973.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Photoshop CS3\Msvcrt.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Photoshop CS3\Shfolder.dll (Trojan.Agent) -> Quarantined and deleted successfully.
D:\fatawaa_lajna_wa_imameen_01.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\Ultimate Defender\logs\1172083749.log (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\WinAntiSpyware 2007\Logs\update.log (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\WinAntiSpyware 2007 Free\up.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Center\Crazy Girls.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Center\SERIALPLAYERS.upd (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Center\tray1.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet\newdotnet7_48.dll (Adware.NewDotNet) -> Quarantined and deleted successfully.
C:\Program Files\Ultimate Defender\udefender.pkg (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\license.txt (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\readme.txt (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\Sporder.dll (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\whAgent.inf (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\whAgent.ini (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\whInstaller.ini (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\LanguagePack.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\LocalSettings.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\ThirdPartyComponents.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\update.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\RadioPlayer\Predefined_Media_List.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\RadioPlayer\User_Media_List.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_structured.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_structured.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_structured.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.POSTE1\Application Data\addon.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Bureau\WinAntiSpyware 2007.lnk (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\.protected (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\.protected (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\.protected (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS.0\explorer.backup (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

bonsoir , j'ai tout fait tout essayé le probleme réside dans ces trois lignes du diagnostic de hijackthis:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://telecharger-sans-limite.com/Tous/Google/Google.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://telecharger-sans-limite.com/Tous/Google/Google.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://telecharger-sans-limite.com/Tous/Google/Google.htm
losque j'entre dans le registre je ne trouve pas ces trois lignes ! par exemple je trouve:
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [https://www.google.co.ma/?gws_rd=ssl de même pour les autres lignes,,,,,,,,
merci pour tes efforts crapoulou

salut j'ai fait une analyse avec hijackthis j'ai fixé les cases cochés j'ai redemarrer mon pc voici le fichier log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:58:14, on 20/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS.0\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS.0\system32\HPZipm12.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\system32\hkcmd.exe
C:\WINDOWS.0\VM_STI.EXE
C:\Program Files\Custom Skin Clock\Clock.exe
C:\WINDOWS.0\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Common Files\Mdn2.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Menara\dslmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.co.ma/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.co.ma/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.co.ma/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.ma/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8A321C7D-9CED-45A8-870D-DAE843A45FD0} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS.0\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS.0\system32\hkcmd.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS.0\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [Custom Skin Clock] C:\Program Files\Custom Skin Clock\Clock.exe
O4 - HKLM\..\Run: [VistaStart1.3] C:\WINDOWS.0\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Wah] C:\Program Files\Common Files\Mdn2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Statistiques d'Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\armor2net\armor2net personal firewall\netdog.dll' missing
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - https://www.agame.com/?utm_source=spildomains&utm_medium=redirect&utm_campaign=powersoccer.agame.com
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{468DF9BE-FA00-41F8-9BCE-33DEBE9B46E8}: NameServer = 62.251.229.237 62.251.229.223
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS.0\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

bsoir ' j'ai desinsttallé IE8 et je l'ai reinsttallé ', j'ai changé la page d'accueil dans options internet mais le pb n'est pas resolu! rien à signaler dans le registre. ce pb est plus fort que je crois mais je vais pas perdre l'espoir . chaque pb a une solution comme dit un proverbe anglais " try once try twice and never say i can't" : essaie une fois deux fois et ne jamais dire je peux pas. merci

.
======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 19/05/10 à 19:20
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 22:49:29 le 20/05/2010 | Mode normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft Windows XP Professionnel (Service Pack 3 - X86)
Nom du PC: POSTE1
Utilisateur actuel: Administrateur
.
============== ELEMENT(S) NEUTRALISE(S) ==============
.
.
C:\Documents and Settings\Administrateur.POSTE1\Application Data\DesktopIcon
C:\Program Files\AskPBar

(!) -- Fichiers temporaires supprimés.
.
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
.
.
============== SCAN ADDITIONNEL ==============
.
* Mozilla FireFox Version Impossible d'obtenir la version *
.
C:\Documents and Settings\Administrateur.POSTE1\..\p7xh3vqu.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.8.1.11
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS.0\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS.0\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Ad-Remover\Backup: 14 Fichier(s)
.
C:\Ad-Report-CLEAN[1].txt - 2242 Octet(s)
.
Fin à: 23:00:03, 20/05/2010
.
============== E.O.F - CLEAN[1] ==============

salut..
1. ========================= SEAF 1.0.0.7 - C_XX
2.
3. Commencé à: 00:02:10 le 21/05/2010
4.
5. Valeur(s) recherchée(s):
6.
7. ..telecharger
8. limite
9. http://telecharger-sans-limite.com
10.
11. (!) --- Affichage des ADS
12. (!) --- Informations supplémentaires
13. (!) --- Recherche registre
14.
15. ====== Fichier(s) (TC: Date de création, TM: Date de modification, DA, Dernier accès) ======
16.
17. "c:\Program Files\Real\RealPlayer\producer\Tools\audiolimiter.dll" [ ----A---- | 86100 ]
18. TC: 24/03/2010,23:29:33 | TM: 24/03/2010,23:29:33 | DA: 24/03/2010,23:29:33
19.
20. CompagnyName:
21. ProductName: Helix Producer SDK from RealNetworks
22. LegalCopyright: Copyright(c) RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.
23. ProductVersion: 10.0.0.335
24. FileVersion: 10.0.0.335
25.
26. =========================
27.
28. "c:\Program Files\Real\RealPlayer\converter\Producer\Tools\audiolimiter.dll" [ ----A---- | 34304 ]
29. TC: 24/03/2010,23:28:40 | TM: 24/03/2010,23:28:40 | DA: 24/03/2010,23:28:40
30.
31. CompagnyName:
32. ProductName: Helix Producer SDK from RealNetworks
33. LegalCopyright: Copyright(c) RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.
34. ProductVersion: 11.1.0.2848
35. FileVersion: 11.1.0.2848
36.
37. =========================
38.
39. "c:\Program Files\Micro Application\Votre Avocat à Domicile\courriers\Les impôts\Prélèvement à la date limite de paiement (pour tous les impôts directs).rtf" [ ----A---- | 4088 ]
40. TC: 19/03/2009,23:14:59 | TM: 25/06/2003,15:28:14 | DA: 03/05/2009,14:34:51
41.
42.
43. =========================
44.
45. "c:\Program Files\Fichiers communs\AVSMedia\ActiveX\RMBin\tools\audiolimiter.dll" [ ----A---- | 49235 ]
46. TC: 08/03/2008,17:51:18 | TM: 13/08/2008,10:23:10 | DA: 10/03/2010,19:50:01
47.
48. CompagnyName:
49. ProductName: Helix Producer SDK from RealNetworks
50. LegalCopyright: Copyright(c) RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.
51. ProductVersion: 10.0.0.545
52. FileVersion: 10.0.0.545
53.
54. =========================
55.
56. "c:\Documents and Settings\Administrateur.POSTE1\Local Settings\Temporary Internet Files\Content.IE5\D0NODPLG\telecharger-sans-limite_com[1].htm" [ ----A---- | 21764 ]
57. TC: 20/05/2010,23:57:03 | TM: 20/05/2010,23:57:05 | DA: 20/05/2010,23:57:03
58.
59.
60. =========================
61.
62. "c:\Documents and Settings\Administrateur.POSTE1\Cookies\administrateur@telecharger-sans-limite[1].txt" [ ----A---- | 292 ]
63. TC: 20/05/2010,22:35:14 | TM: 20/05/2010,22:35:14 | DA: 20/05/2010,22:35:14
64.
65.
66. =========================
67.
68. "c:\Documents and Settings\Administrateur.POSTE1\Application Data\Canneverbe_Limited\cdbxpp.exe_Url_nfryvllqiqb1hla4nzefaejvhwflc2o0\4.2.5.1541\user.config" [ ----A---- | 6690 ]
69. TC: 12/10/2009,22:54:41 | TM: 19/04/2010,16:55:18 | DA: 19/04/2010,16:55:18
70.
71.
72. =========================
73.
74. "c:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\B9PZ4A6S\310x138_s_limiteclick[1].jpg" [ ----A---- | 12157 ]
75. TC: 04/04/2007,20:03:16 | TM: 04/04/2007,20:03:19 | DA: 03/05/2009,14:06:08
76.
77. /!\ ADS: Accès refusé. , Byte(s)
78.
79. =========================
80.
81. ====== Dossier(s) (TC: Date de création, TM: Date de modification, DA, Dernier accès) ======
82.
83. "c:\Documents and Settings\All Users.WINDOWS.0\Application Data\Canneverbe Limited" [ ----D---- ]
84. TC: 12/10/2009,22:54:31 | TM: 12/10/2009,22:54:31 | DA: 12/10/2009,22:54:31
85.
86. =========================
87.
88. "c:\Documents and Settings\All Users.WINDOWS.0\Application Data\Canneverbe Limited\CDBurnerXP" [ ----D---- ]
89. TC: 12/10/2009,22:54:31 | TM: 12/10/2009,22:54:31 | DA: 12/10/2009,22:54:31
90.
91. =========================
92.
93. "c:\Documents and Settings\All Users.WINDOWS.0\Application Data\Canneverbe Limited\CDBurnerXP\4.2.5.1541" [ ----D---- ]
94. TC: 12/10/2009,22:54:31 | TM: 12/10/2009,22:54:31 | DA: 12/10/2009,22:54:31
95.
96. =========================
97.
98. "c:\Documents and Settings\Administrateur.POSTE1\Application Data\Canneverbe_Limited" [ ----D---- ]
99. TC: 12/10/2009,22:54:41 | TM: 12/10/2009,22:54:41 | DA: 12/10/2009,22:54:41
100.
101. =========================
102.
103. "c:\Documents and Settings\Administrateur.POSTE1\Application Data\Canneverbe_Limited\cdbxpp.exe_Url_nfryvllqiqb1hla4nzefaejvhwflc2o0" [ ----D---- ]
104. TC: 12/10/2009,22:54:41 | TM: 12/10/2009,22:54:41 | DA: 12/10/2009,22:54:41
105.
106. =========================
107.
108. "c:\Documents and Settings\Administrateur.POSTE1\Application Data\Canneverbe_Limited\cdbxpp.exe_Url_nfryvllqiqb1hla4nzefaejvhwflc2o0\4.2.5.1541" [ ----D---- ]
109. TC: 12/10/2009,22:54:41 | TM: 19/04/2010,16:55:18 | DA: 19/04/2010,16:55:18
110.
111. =========================
112.
113.
114. ====== Entrée(s) du registre ======
115.
116.
117.
118.
119.
120. [HKEY_CLASSES_ROOT\Interface\{54DF358E-CF38-4010-99F1-F44B0E9000E5}]
121. ""="IWMPSubscriptionServiceLimited"
122.
123. [HKEY_CLASSES_ROOT\Interface\{D92E45A1-C7C0-4380-BEA1-10BEB57D9610}]
124. ""="ILimitedItemsView"
125.
126. [HKEY_CLASSES_ROOT\Software\RealNetworks\Update\6.0\Preferences\Components\rjeplug:1.0\File7]
127. ""="C:\Program Files\Real\RealPlayer\Producer\Tools\audiolimiter.dll"
128.
129. [HKEY_CLASSES_ROOT\TypeLib\{C84395DD-A841-11D4-B06C-00500427A693}\1.7]
130. ""="vbAccelerator VB6 Popup Menu DLL. Create unlimited new pop-up menus."
131.
132. [HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Preferences]
133. "AppColorLimited"=""
134.
135. [HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main]
136. "Start Page"="http://www.telecharger-sans-limite.com/"
137.
138. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{54DF358E-CF38-4010-99F1-F44B0E9000E5}]
139. ""="IWMPSubscriptionServiceLimited"
140.
141. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D92E45A1-C7C0-4380-BEA1-10BEB57D9610}]
142. ""="ILimitedItemsView"
143.
144. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\RealNetworks\Update\6.0\Preferences\Components\rjeplug:1.0\File7]
145. ""="C:\Program Files\Real\RealPlayer\Producer\Tools\audiolimiter.dll"
146.
147. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C84395DD-A841-11D4-B06C-00500427A693}\1.7]
148. ""="vbAccelerator VB6 Popup Menu DLL. Create unlimited new pop-up menus."
149.
150. [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Microsoft Outlook\Capabilities]
151. "ApplicationDescription"="Microsoft Office Outlook 2007 fournit une solution intégrée vous permettant d'optimiser la gestion du temps et de l'information, de vous connecter sans limites et de garder le contrôle en toute sécurité. Ce gestionnaire complet du temps et de l'information vous aide dans l'organisation et la recherche des informations dont vous avez besoin. Avec Office Outlook 2007, vous pouvez partager en toute sécurité des informations avec vos collègues, vos amis et votre famille, quel que soit l'endroit où ils se trouvent. Office Outlook 2007 facilite la définition de vos priorités et le contrôle de votre temps, afin que vous puissiez vous concentrer sur les choses importantes."
152.
153. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup\Shell.Shell32\RegBackup\0.map]
154. "29c142c76d994375"=",33,HKLM,Software\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{2AD91900-A873-11cf-9A80-00AA00C16E65},CTXMENU_LIMITEDQI,"
155.
156. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Jet\3.5\Engines\Text]
157. "Format"="Delimited(;)"
158.
159. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Jet\4.0\Engines\Text]
160. "Format"="Delimited(;)"
161.
162. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\Access Connectivity Engine\Engines\Text]
163. "Format"="CSVDelimited"
164.
165. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Speech\PhoneConverters\Tokens\Japanese\Attributes]
166. "NoDelimiter"=""
167.
168. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{2AD91900-A873-11cf-9A80-00AA00C16E65}]
169. "CTXMENU_LIMITEDQI"=""
170.
171. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}\{2201A137-014B-47D1-808C-E3526E388EAD}\Ndi]
172. "HelpText"="Un protocole associé à la couche TCP/IP qui maintient les limites de messages. Cette instance du protocole est prévue pour être utilisée par le protocole de partage de fichiers."
173.
174. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}\{2201A137-014B-47D1-808C-E3526E388EAD}\Ndi]
175. "HelpText"="Un protocole associé à la couche TCP/IP qui maintient les limites de messages. Cette instance du protocole est prévue pour être utilisée par le protocole de partage de fichiers."
176.
177. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}\{2201A137-014B-47D1-808C-E3526E388EAD}\Ndi]
178. "HelpText"="Un protocole associé à la couche TCP/IP qui maintient les limites de messages. Cette instance du protocole est prévue pour être utilisée par le protocole de partage de fichiers."
179.
180. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}\{2201A137-014B-47D1-808C-E3526E388EAD}\Ndi]
181. "HelpText"="Un protocole associé à la couche TCP/IP qui maintient les limites de messages. Cette instance du protocole est prévue pour être utilisée par le protocole de partage de fichiers."
182.
183. [HKEY_USERS\S-1-5-21-220523388-1645522239-725345543-500\Software\Microsoft\MediaPlayer\Preferences]
184. "AppColorLimited"=""
185.
186. [HKEY_USERS\S-1-5-21-220523388-1645522239-725345543-500\Software\Policies\Microsoft\Internet Explorer\Main]
187. "Start Page"="http://www.telecharger-sans-limite.com/"
188.
189.
190.
191. =========================
192.
193. Fin à: 00:15:04 le 21/05/2010 ( E.O.F )

salut le probléme est resolu crapoulou , grace à l'oeil du dragon SEAF 1.0.0.7 - C_XX dans les lignes 135 et 136 de son rapport tt simplement je suis allé dans le registre et j'ai modifié :. [HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.telecharger-sans-limite.com/"
en:. [HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.co.ma/"
j'ai relancer IE8 google s'est affiche maintenant je peux dormir tranquillement MERCI INFINIMENT CRAPOULOU c'est très gentil merci pour les autres ccmistes optimistes pour leurs suggestions

bonjour j'ai ccleaner je l'utilise souvent est ce qu'il peut faire la même tâche que ToolsCleaner2? pour le Malwarebytes il rend mon pc tres lourd ettouffé je l'ai desinstallé merci

salut , le rapport du tcleaner:
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\fixnavi.txt: trouvé !
C:\Rsit: trouvé !
C:\Ad-remover: trouvé !
C:\Ad-Remover\Backup\Ad-R.exe: trouvé !
C:\Documents and Settings\Administrateur.POSTE1\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HijackThis.exe: trouvé !
C:\Documents and Settings\Administrateur.POSTE1\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Administrateur.POSTE1\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\Administrateur.POSTE1\Bureau\Ad-R.exe: trouvé !
C:\Documents and Settings\Administrateur.POSTE1\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\Administrateur.POSTE1\Menu Démarrer\Programmes\HiJackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\All Users.WINDOWS.0\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users.WINDOWS.0\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Ad-Remover\Backup\Ad-R.exe: supprimé !
C:\Documents and Settings\Administrateur.POSTE1\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Administrateur.POSTE1\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Administrateur.POSTE1\Bureau\HJTInstall.exe: supprimé !
C:\Documents and Settings\Administrateur.POSTE1\Bureau\Ad-R.exe: supprimé !
C:\Documents and Settings\Administrateur.POSTE1\Menu Démarrer\Programmes\HiJackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\All Users.WINDOWS.0\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\fixnavi.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Rsit: supprimé !
C:\Ad-remover: supprimé !
C:\Documents and Settings\Administrateur.POSTE1\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\All Users.WINDOWS.0\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

bonsoir 'j'ai suprimé toolscleaner et C:\TCleaner.txt. pour le logiciel je me rappele plus,
je te souhaitrai bon weekend amuse toi bien. moi aussi j'ai qlques jours de repos je vais partir en voyage, de retour, je t'envoyerai un message merci

bonsoir pour le logiciel j'ai essayé de me rafraichir la memoire pour me rappeler de son nom mais ça m'a revenu pas. bnuit merci

Ok, tant pis.
Si ça revient, n'hésite pas à repasser ;-).

pour réinstaller

https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70

salut je viens de le faire mais pas de résultats ++++++++++++++ merci

Pas étonnant ;-).

salut. toutes ces démarches n'aboutient pas! merci bien