
tandouri

Members
  • Content count

    23
  • Joined

  • Last visited

Profile Information

  • Gender
    Female

Other information

  • My languages
    Urdu, Pakistani, French, English, Turkish and Bangladeshi

tandouri's Achievements

Member

Member (4/12)

0

Community reputation

  1. Uhh, so what do I do then? lol. For Horus: the list does show up in white..
  2. Good evening, I managed to block the 2 sites but not this one: http://fr.skyrock.com/blog/ So access to the site isn't really blocked.. It isn't a series of 0s that is displayed but the following series: "127.0.0.1". Is that different, or does it not matter? Thanks for your help, and sorry for replying so late :s
  3. Good evening androme! I installed Adblock Plus; the problem: it doesn't say how to block sexually oriented sites or chat sites.. I managed to block skyblog.com, but access via the skyrock.com URL is still available, even when I block the site.. So I'm more or less at the same point. Thanks for your help, have a good evening
  4. Hello, thanks oGu. So I installed the Hosts file. I managed to block some sites but not others, for example: http://www.skyrock.com/blog/ or http://www.skyrock.com/blog/?connect=1 I tried putting www.skyblog.com but still nothing.. What can I do? Then, to block all the chat sites, how can I do that? Do I have to block them site by site (I hope not, otherwise I'd never finish lol)? Thanks a lot for your help!!
  5. Uh no, I don't know it, I'm not much of a computer expert. I'd like to block chat sites, dating sites... and sexually oriented sites, porn, everything that's not very proper, basically.. As well as specific sites, for example if I can block sites just by entering their URL, e.g. http://www.zebulon.fr I managed it with Internet Explorer without any problem.
  6. Hello, I tried searching on the forum, on the net, etc., but in vain: I haven't found how to strengthen security in Mozilla. I don't know which extension to install.. I'd like to be able to completely block access to certain sites... Could someone help me please? Thanks
  7. Hello!! I'd like to buy a laptop and I need some advice.. I don't know much about computers, or about memory... The PC will be used for the internet, word processing, and saving files (short videos, documents, photos)... Nothing luxurious, basically; 500€ maximum. I looked at different sites; there are two interesting PCs: http://www.surcouf.com/Catalogue/FicheProd...product=9653478 http://www.darty.com/nav/achat/multimedia/...able/index.html What is the difference between the two PCs, in terms of memory, quality, etc.? Thanks for your help. Have a good evening
  8. Sorry for being away.. I couldn't update Java; it tells me the program is running (this programme is already running), so I can't follow the procedure you gave me.. :s Thanks again
  9. For the restore point it's fine, I was able to create one, thanks
  10. Ah thanks!! So it was "show desktop items" that wasn't checked... The PC is sorted. Everything is sorted, I think, right? Ah, one more little thing lol: since I installed IE7, Internet Explorer pages are a bit blurry... with Firefox I have no problem :) Thanks for your help, it's really kind of you
  11. So I followed the whole procedure you gave me; I just didn't manage to create a new restore point (the link you gave me didn't work). Then I have a small problem: the desktop items don't display, I don't know why.. what should I do :$ I'm posting the HijackThis report for you; thank you once again for your help, angélique
  12. The scan has just finished, I'm posting the report for you. Thanks again angélique
  13. For the malware scan; as for the AntiVir one, I'll run the scan and post it for you. Thanks again for your help.
  14. lol, no worries if you missed it. So I'll post the scans for you; I'll do one scan per post, I think that will be easier for you. So, for the first one, the one with ComboFix.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2004-08-05 14:00 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2004-10-13 18:24 1694208 C:\Program Files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] --a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] --a------ 2007-06-07 15:37 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] --a--c--- 2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"= "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "C:\\Program Files\\SopCast\\SopCast.exe"= "C:\\Documents and Settings\\TASLEEM\\Application Data\\SopCast\\adv\\SopAdver.exe"= "C:\\WINDOWS\\system32\\LEXPPS.EXE"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-05 14336] R3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 12672] S2 FILESpy;FILESpy;C:\Program Files\Softwin\BitDefender9\filespy.sys [ ] S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;C:\WINDOWS\system32\DRIVERS\usbiad.sys [2004-07-14 31547] S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-04 152576] S3 s916bus;Sony Ericsson Device 916 driver (WDM);C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496] S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem 
Filter;C:\WINDOWS\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016] S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s916mdm.sys [2007-11-02 109992] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H] \Shell\AutoRun\command - H:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0766c892-562b-11dc-b626-0014a41f60a1}] \Shell\AutoRun\command - H:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9f3b5506-8d59-11dc-b6a2-0014a41f60a1}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab4f4f9e-0def-11dc-b5ad-0014a41f60a1}] \Shell\AutoRun\command - G:\LaunchU3.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fc53b23b-a4bf-11db-b416-0014a41f60a1}] \Shell\AutoRun\command - H:\autorun.exe \Shell\explore\Command - H:\autorun.exe -e \Shell\open\Command - H:\autorun.exe . Contenu du dossier 'Tâches planifiées' . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-15 22:53:57 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... ************************************************************************** . Heure de fin: 2008-09-15 23:09:02 ComboFix-quarantined-files.txt 2008-09-15 21:07:58 ComboFix2.txt 2008-09-06 19:37:19 Avant-CF: 5,380,083,712 octets libres AprŠs-CF: 6,370,029,568 octets libres 214 --- E O F --- 2008-09-10 15:54:34