Antivirus

Bonjour,

Tout d'abord je vous remercie pour votre aide, j'ai essayé de suivre ce que vous m'avez conseillé mais je n'arrive pas à enregistrer le téléchargement sous le nom de antibagle

merci d'avance

ComboFix 08-07-05.1 - Amouna 2008-07-08 2:39:27.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.371 [GMT 0:00]
Endroit: C:\Documents and Settings\Amouna\Bureau\antibagle.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\downld
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\Amouna\Application Data\m
C:\Documents and Settings\Amouna\Application Data\m\data.oct
C:\Documents and Settings\Amouna\Application Data\m\flec006.exe
C:\Documents and Settings\Amouna\Application Data\m\list.oct
C:\Documents and Settings\Amouna\Application Data\m\shared
C:\Documents and Settings\Amouna\Application Data\m\shared\!!!.Crack.Bitdefender.8.-.Professional.Plus.!!!.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\1cleanup_3.2_[Key+Serial].zip
C:\Documents and Settings\Amouna\Application Data\m\shared\3D_Message_Free_2.1.7.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\3GP_Photo_Slideshow_1.12_[Key+Serial].zip
C:\Documents and Settings\Amouna\Application Data\m\shared\4c_3.3.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\4Menu_basic_CD_front_end_1.502.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Access2MSSQL_Sync_1.3.2_[KeyGen].zip
C:\Documents and Settings\Amouna\Application Data\m\shared\AclickStat_1.1.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Actual_Reminder_3.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Adobe_Image_Viewer_4.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Advanced_IP_Scanner_1.5.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Age_of_Mythology_-_The_Perfect_Greek_scenario.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Airfoil_2.0.3.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\aMule_2.1.3.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Arabic_Keyboard_Typing_Tutor_3.3.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\ASEMCA_1.0.2_build_197.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\AutoRun_Typhoon_III_3.2.3.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Awesome_Navy_Aircraft_Screen_Saver_Lite_1.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\BackupXpress_Pro_2.74.41_build_191.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\BackZip_0.5.3.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Bricks_Destroyer_1.4.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Brilliant_Clock_screensaver_2.3.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\BuildersPal_1.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Carnivores_2_demo_fix.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\CD-Cover_1.1_(Serial).zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Chili_FTP_1.4.1.17_(Serial).zip
C:\Documents and Settings\Amouna\Application Data\m\shared\ColorSniffer_1.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Cralglist_AutoPost_1.5.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Custom_Screensaver_Selection_7_2.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Cute_Translator_3.01.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\DarkBASIC_Professional_5.3.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\DBTools_QueryIT_1.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\dfg_StockAlert_XP_3.9.2.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Dictionary_English_-_Albanian_1.8.33.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Digiters_DVD_to_PSP_Converter_3.6_[Cracked].zip
C:\Documents and Settings\Amouna\Application Data\m\shared\DocShield_1.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Dynamic_Image_Resize_Wizard_1.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Easy-Hide-IP_1.4.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\EMCO_Remote_Task_Scheduling_1.0_[Crack].zip
C:\Documents and Settings\Amouna\Application Data\m\shared\EngiLab_Beam.2D_ML_1.1.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\English_Thesaurus_3.1.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Etherlords_demo_2.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Event_Catcher_1.0.0.24.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\ExeJ_1.01.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Express_Assist_9.0.2.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\File_Splitter_Deluxe_3.4.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Filter_Forge_1.009_Patch.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Folder_Guard_Classic_Edition_7.6.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Fraction_Calculator_and_Cheat_1.0.4.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Game_Control_Online_1.10.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\GenoPalette_2.5_(Key+Serial).zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Glossary_of_International_Banking_and_Finance_9984921700.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Heart_of_Jesus_toolbar_for_Firefox_1.5.0.6.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\HTTPLook_1.25_Patch.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\HydraCrypt_1.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\iCOS_iComicsOnSale_1.2.2.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\IDAutomation_PDF417_Font_and_Encoder_3.7.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\ImgConverter_2.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Imhotext_1.0_[Patch].zip
C:\Documents and Settings\Amouna\Application Data\m\shared\InB_Spy_6.1.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Informational_Tab_0.2.2007050601.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Jedi_Knight_II_Jedi_Outcast_Hydroball_2_Mod_1.1.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\JLearnIt_2.2.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Journal_eXpress_1.9.9_(KeyGen).zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Kerala_News_1.1.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Kernel_IncrediMail_4.02.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\mariahw.zoomshare.com_toolbar_for_Firefox_1.0.1.30.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\MB3-216_Practice_Exam_Testing_Engine_Software_1.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\MemorialMaster_1.01.0008.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\MetaTrader_3.84.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Moyea_Flash_to_Video_Converter_Standard_1.1.0.34.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\MPEG_Header_Corrector_1.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\MPEG_Parser_1.3.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\MSN_Animal_Avatar_Display_Pack_1.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Mystical_Lighting_1.0_[KeyGen].zip
C:\Documents and Settings\Amouna\Application Data\m\shared\NetZero_Voice_1.0.3476.6913.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Niall's_Pedal_Board_1.26.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Norton_AntiBot_1.0.1310.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Notes_Organizer_Deluxe_2.52.05_32-Bit.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\novaPDF_Server_Pro_4.2_build_187.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\OpenEuclide_0.4.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Oracle_Simple_user_Assistant_1.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\OSS_Video_Converter_5.5.0.5_[Serial].zip
C:\Documents and Settings\Amouna\Application Data\m\shared\PANDA_PLATINUM_INTERNET_SECURITY_2006_MULTILANGUAGE_ISO.for.[www.torrent-base.dl.am].zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Peak_Explorer_2.11_(Key+Serial).zip
C:\Documents and Settings\Amouna\Application Data\m\shared\PhoTags_3.0.52.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Photo_Recovery_0.13_beta.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\Photo_Screensaver_Maker_5.2.4.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\php-residence_0.6.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\PicSizer_3.0.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\PiggyBob_Basic_3.0_Serial.zip
C:\Documents and Settings\Amouna\Application Data\m\shared\PlaylistBot_1.1.0b3.zip
C:\Documents and

la suite


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-08 to 2008-07-08 ))))))))))))))))))))))))))))))))))))
.

2008-07-08 02:45 . 2008-07-08 02:45 <REP> d-------- C:\WINDOWS\system32\drivers\downld
2008-07-07 18:23 . 2005-05-03 18:43 69,632 --a------ C:\WINDOWS\Alcmtr.exe
2008-07-07 01:52 . 2008-07-07 01:52 <REP> d-------- C:\WINDOWS\system32\ZoneLabs
2008-07-07 01:52 . 2008-07-07 01:52 <REP> d-------- C:\Program Files\Zone Labs
2008-07-07 01:52 . 2008-04-02 21:07 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
2008-07-07 01:52 . 2008-07-07 01:52 352,624 --a------ C:\WINDOWS\system32\vsconfig.xml
2008-07-07 01:49 . 2008-07-07 01:53 <REP> d-------- C:\WINDOWS\Internet Logs
2008-07-06 22:06 . 2008-07-06 22:06 <REP> d-------- C:\Documents and Settings\Amouna\Application Data\AVGTOOLBAR
2008-07-06 22:06 . 2008-07-07 18:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-06 21:38 . 2008-07-06 21:38 <REP> d-------- C:\Program Files\ma-config.com
2008-07-06 21:38 . 2008-07-06 22:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-07-04 22:34 . 2008-07-08 01:27 11 --a------ C:\WINDOWS\system32\jdc32_mm.vcd
2008-07-04 22:34 . 2008-07-04 22:34 0 --a------ C:\WINDOWS\consult.INI
2008-07-04 22:28 . 2008-07-06 22:14 <REP> d-------- C:\Program Files\cdmaroc
2008-07-01 13:48 . 2006-08-08 19:58 692,224 --a------ C:\WINDOWS\system32\lxcrdrs.dll
2008-07-01 13:48 . 2006-11-30 16:32 344,064 --a------ C:\WINDOWS\system32\lxcrcoin.dll
2008-07-01 13:48 . 2006-08-14 21:01 65,536 --a------ C:\WINDOWS\system32\lxcrcaps.dll
2008-07-01 13:48 . 2005-12-20 16:54 61,440 --a------ C:\WINDOWS\system32\lxcrcnv4.dll
2008-07-01 13:48 . 2006-03-23 08:33 40,960 --a------ C:\WINDOWS\system32\lxcrvs.dll
2008-07-01 13:47 . 2006-11-22 13:51 45,056 --a------ C:\WINDOWS\system32\LXPRMON.DLL
2008-07-01 13:47 . 2006-11-22 13:50 32,768 --a------ C:\WINDOWS\system32\LXPMONUI.DLL
2008-07-01 13:47 . 2006-11-22 14:08 12,288 --a------ C:\WINDOWS\system32\LXPMONRC.DLL
2008-07-01 13:46 . 2008-07-06 22:14 <REP> d-------- C:\Program Files\Lexmark 2400 Series
2008-06-25 22:06 . 2008-06-25 22:06 2,454,911 --a------ C:\fati2.rar
2008-06-25 15:04 . 2008-06-25 15:04 166,912 --a------ C:\WINDOWS\system32\MSCHRT20.oca
2008-06-25 15:04 . 2008-06-25 15:04 135,680 --a------ C:\WINDOWS\system32\MSCOMCT2.oca
2008-06-25 15:04 . 2008-06-25 15:04 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-06-25 15:04 . 2008-06-25 15:04 25,600 --a------ C:\WINDOWS\system32\MSCOMM32.oca
2008-06-25 13:48 . 2008-06-26 09:44 <REP> d-------- C:\fati2
2008-06-24 20:54 . 2008-06-24 20:54 <REP> d-------- C:\Program Files\SweetIM
2008-06-24 20:54 . 2008-06-24 20:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SweetIM
2008-06-23 11:45 . 2008-06-23 11:45 3,994,912 --a------ C:\amin.rar
2008-06-23 10:36 . 2008-06-25 16:16 <REP> d-------- C:\amin
2008-06-21 09:29 . 2008-06-21 10:46 <REP> d-------- C:\projet
2008-06-19 15:16 . 2008-06-19 15:16 <REP> d-------- C:\Program Files\Codemasters
2008-06-19 14:16 . 2008-06-19 14:16 <REP> d-------- C:\Documents and Settings\Amouna\Application Data\Talkback
2008-06-19 13:56 . 2008-06-19 13:56 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2008-06-19 13:55 . 2008-06-19 13:55 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-06-19 07:58 . 2008-06-19 07:58 70,144 --a------ C:\WINDOWS\system32\MSDATLST.oca
2008-06-19 07:58 . 2008-06-19 07:58 69,632 --a------ C:\WINDOWS\system32\DBLIST32.oca
2008-06-11 15:33 . 2008-06-13 00:43 <REP> d-------- C:\Program Files\EasyPHP1-8
2008-06-11 15:24 . 2003-03-04 00:56 700,469 --a------ C:\WINDOWS\system32\myodbc3d.dll
2008-06-11 15:24 . 2003-03-04 00:22 360,448 --a------ C:\WINDOWS\system32\myodbc3.dll
2008-06-11 15:24 . 2002-07-26 17:02 153,088 --a------ C:\WINDOWS\system32\UNWISE.EXE
2008-06-11 15:24 . 2003-03-04 00:22 17,438 --a------ C:\WINDOWS\system32\myodbc3.lib
2008-06-11 15:24 . 2008-06-11 15:24 100 --a------ C:\WINDOWS\system32\UNWISE.INI
2008-06-11 09:39 . 2008-06-11 09:48 174 --a------ C:\clients.dat
2008-06-11 09:04 . 2008-06-11 09:04 266,752 --a------ C:\WINDOWS\system32\MSCOMCTL.oca
2008-06-09 14:16 . 2008-07-04 19:09 <REP> d-------- C:\Documents and Settings\Amouna\Application Data\OpenOffice.org2
2008-06-09 14:14 . 2008-07-07 00:09 <REP> d-------- C:\Program Files\OpenOffice.org 2.4
2008-06-08 17:11 . 2007-11-01 15:35 103,424 --a------ C:\WINDOWS\system32\MyDIT_GenClassCoInst.dll
2008-06-08 17:11 . 2007-10-16 11:40 97,408 --a------ C:\WINDOWS\system32\drivers\cmusbser.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-08 02:28 --------- d-----w C:\Documents and Settings\Amouna\Application Data\skypePM
2008-07-08 02:28 --------- d-----w C:\Documents and Settings\Amouna\Application Data\Skype
2008-07-08 02:24 --------- d-----w C:\Program Files\lx_cats
2008-07-06 23:44 --------- d-----w C:\Program Files\LimeWire
2008-07-06 23:43 --------- d-----w C:\Program Files\BitComet
2008-07-06 19:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-07-06 19:39 --------- d-----w C:\Program Files\Realtek
2008-07-05 14:26 --------- d-----w C:\Program Files\eMule
2008-07-04 22:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-01 13:47 --------- d-----w C:\Program Files\Lexmark Fax Solutions
2008-07-01 13:46 --------- d-----w C:\Program Files\Lexmark Toolbar
2008-06-19 15:44 --------- d-----w C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-06-19 13:56 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-06-13 09:57 --------- d-----w C:\Documents and Settings\Amouna\Application Data\dvdcss
2008-06-05 15:05 --------- d-----w C:\Program Files\TVUPlayer
2008-06-05 13:06 --------- d-----w C:\Documents and Settings\Amouna\Application Data\TVU Networks
2008-06-05 13:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\TVU Networks
2008-06-02 08:09 --------- d-----w C:\Program Files\SWiSHmax
2008-05-30 11:08 --------- d-----w C:\Program Files\SereneScreen
2008-05-29 08:54 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-05-29 02:21 --------- d-----w C:\Documents and Settings\Amouna\Application Data\LimeWire
2008-05-28 19:44 505 ----a-w C:\WINDOWS\system32\drivers\CMV3p.txt
2008-05-28 19:44 32 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg
2008-05-28 19:44 --------- d-----w C:\Program Files\SAGEM
2008-05-25 00:11 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-05-25 00:08 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-05-25 00:08 --------- d-----w C:\Documents and Settings\Amouna\Application Data\DAEMON Tools
2008-05-17 16:04 --------- d-----w C:\Program Files\ESET
2008-05-17 16:01 --------- d-----w C:\Program Files\Common Files
2008-05-11 21:40 --------- d-----w C:\Program Files\Globe7
2008-05-11 21:06 --------- d-----w C:\Documents and Settings\Amouna\Application Data\Globe7
2008-05-11 20:44 --------- d-----w C:\Documents and Settings\Amouna\Application Data\VoipCheapCom
2008-05-11 20:34 --------- d-----w C:\Documents and Settings\Amouna\Application Data\VoipBuster
2008-04-22 20:36 92,064 ----a-w C:\Documents and Settings\Amouna\mqdmmdm.sys
2008-04-22 20:36 9,232 ----a-w C:\Documents and Settings\Amouna\mqdmmdfl.sys
2008-04-22 20:36 79,328 ----a-w C:\Documents and Settings\Amouna\mqdmserd.sys
2008-04-22 20:36 66,656 ----a-w C:\Documents and Settings\Amouna\mqdmbus.sys
2008-04-22 20:36 6,208 ----a-w C:\Documents and Settings\Amouna\mqdmcmnt.sys
2008-04-22 20:36 5,936 ----a-w C:\Documents and Settings\Amouna\mqdmwhnt.sys
2008-04-22 20:36 4,048 ----a-w C:\Documents and Settings\Amouna\mqdmcr.sys
2008-04-22 20:36 25,600 ----a-w C:\Documents and Settings\Amouna\usbsermptxp.sys
2008-04-22 20:36 22,768 ----a-w C:\Documents and Settings\Amouna\usbsermpt.sys
2005-07-04 17:06 319,617 --sh--w C:\WINDOWS\system32\SalaatTime.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-03-27 14:12 1164600 --a------ C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 14:12 1164600]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 14:12 1164600]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SalaatTime"="C:\Program Files\Salaat Time\SalaatTime.exe" [2005-04-27 06:06 692224]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-30 17:17 22058792]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 09:39 486856]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Azkary"="C:\Program Files\Azkary\Azkary" [X]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-06-19 13:55 185896]
"SweetIM"="C:\Program Files\SweetIM\Messenger\SweetIM.exe" [2008-06-15 13:40 111928]
"lxcrmon.exe"="C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [2007-01-11 18:57 291760]
"EzPrint"="C:\Program Files\Lexmark 2400 Series\ezprint.exe" [2006-12-11 16:11 82864]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2006-12-11 16:12 295856]
"LXCRCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-11-21 17:27 106496]
"WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [2003-04-02 02:20 12288]
"TouchPadHotKey"="C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe" [2007-06-26 13:58 360448]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe" [2005-08-26 18:14 36975]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 12:00 208952]
"BigDogPath"="C:\WINDOWS\VM_STI.EXE" [2004-06-09 15:37 40960]
"AttuneClientEngine"="C:\PROGRA~1\Aveo\Attune\bin\attune_ce.exe" [2000-07-24 23:47 356728]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 15:21 16384000 C:\WINDOWS\RTHDCPL.exe]
"SiSPower"="SiSPower.dll" [2007-04-11 03:06 53248 C:\WINDOWS\system32\SiSPower.dll]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 12:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Microsoft Visual Studio\\COMMON\\Tools\\VS-Ent98\\Vanalyzr\\VARPC.EXE"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\Program Files\\Corel\\Graphics10\\Register\\NAVBrowser.exe"=
"<NO NAME>"=
"C:\\K-ZeroSoft\\WeTalk\\WeTalk_I.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\WINDOWS\\system32\\lxcrcoms.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"15665:TCP"= 15665:TCP:BitComet 15665 TCP
"15665:UDP"= 15665:UDP:BitComet 15665 UDP
"5000:TCP"= 5000:TCP:AresChatServer

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 15:11]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-15 23:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-15 23:16]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-05 12:00]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2006-09-15 11:07]
S2 WebDev 11;WebDev 11 (PC SOFT);C:\WebDev 11\Programmes\Moteur\Windows\WD110Admin.exe []
S3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-09-19 11:03]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-06-26 09:13]
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;C:\WINDOWS\system32\DRIVERS\cmusbser.sys [2007-10-16 11:40]
S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\system32\DRIVERS\V0090Vid.sys [2005-04-14 01:00]
S3 ZSMC302;VIMICRO USB PC Camera;C:\WINDOWS\system32\Drivers\usbVM31b.sys [2004-09-07 16:11]

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-03-03 20:44:16 C:\WINDOWS\Tasks\Low Battery Alarm Program.job"
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-VoipCheapCom - C:\Program Files\VoipCheapCom\VoipCheapCom.exe
HKCU-Run-VoipBuster - C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
HKCU-Run-SGooPE - C:\Program Files\CallIT\SGooPE\SGOOPE.EXE
HKCU-Run-BitComet - C:\Program Files\BitComet\BitComet.exe
HKCU-Run-eyeBeam SIP Client - (no file)
HKLM-Run-SynTPEnh - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-PHIME2002ASync - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
HKLM-Run-PHIME2002A - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
HKLM-Run-ISUSPM - C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
HKLM-Run-Corel Reminder - (no file)


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-08 02:45:52
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\lxcrcoms.exe
.
**************************************************************************

Bonjour,

l'antivirus Avast et zone alarm

Bonjour,

voilà le rapport



Tue Jul 08 03:10:24 2008
EliBagle v11.56 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 7 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

Tue Jul 08 03:10:39 2008
EliBagle v11.56 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 7 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\QooBox\Quarantine\C\Documents and Settings\Amouna\Application Data\m\FLEC006.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\MDELK.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\WINTEMS.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\SROSA.SYS.VIR --> Eliminado Bagle (rootkit)
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\15884953.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\16079906.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\736843.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\737968.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\739984.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\740250.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\747718.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\748312.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\748546.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\759187.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\762171.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\762718.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\776281.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\778812.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\781609.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\786937.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\798890.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\801343.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\822265.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\863250.EXE.VIR --> Eliminado Bagle

Nº Total de Directorios: 6843
Nº Total de Ficheros: 88912
Nº de Ficheros Analizados: 11143
Nº de Ficheros Infectados: 24
Nº de Ficheros Limpiados: 24

Tue Jul 08 11:48:21 2008
EliBagle v11.56 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 7 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

Tue Jul 08 11:48:29 2008
EliBagle v11.56 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 7 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6846
Nº Total de Ficheros: 89177
Nº de Ficheros Analizados: 11187
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Tue Jul 08 11:55:56 2008
EliBagle v11.56 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 7 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6846
Nº Total de Ficheros: 89178
Nº de Ficheros Analizados: 11187
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Résumé de votre dernière analyse :
08/07/2008 04:56:12
Résultats : 23 virus ou logiciels espions détectés.
Eléments suspects: 14 fichiers suspects détectés, non envoyés.
Vulnérabilités : 66 vulnérabilités détectées.

Bonjour,

voilà le rapport de hijackthis


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:15:17, on 08/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\VM_STI.EXE
C:\PROGRA~1\Aveo\Attune\bin\attune_ce.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [TouchPadHotKey] C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [Azkary] C:\Program Files\Azkary\Azkary
O4 - HKLM\..\Run: [AttuneClientEngine] C:\PROGRA~1\Aveo\Attune\bin\attune_ce.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [SalaatTime] C:\Program Files\Salaat Time\SalaatTime.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1FD52D8F-9E91-45DB-9999-3A460A2DB931}: NameServer = 212.217.1.4 212.217.0.14
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E2486D4-ABAE-4562-902D-A23F00854188}: NameServer = 192.162.13.7,212.217.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{51A8D755-6C5E-46B6-9ED9-26515C45DCFE}: NameServer = 212.217.0.1,212.217.0.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{1FD52D8F-9E91-45DB-9999-3A460A2DB931}: NameServer = 212.217.1.4 212.217.0.14
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: WebDev 11 (PC SOFT) (WebDev 11) - Unknown owner - C:\WebDev 11\Programmes\Moteur\Windows\WD110Admin.exe (file missing)

voilà le rapport

Malwarebytes' Anti-Malware 1.20
Version de la base de données: 932
Windows 5.1.2600 Service Pack 2

21:14:29 08/07/2008
mbam-log-7-8-2008 (21-14-29).txt

Type de recherche: Examen rapide
Eléments examinés: 42441
Temps écoulé: 5 minute(s), 12 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)



je te remercie infiniment le problème est résolu

Bonjour,

je veux installer antivir mais ca me donne le même message qu'avant qu' il n'est pas une application win32 valide pourquoi ça me refais la même chose , et pour l'installation de Kerio il me dit qu'il y a erreur fatal et il se désinstalle tout seul


merci

Bonjour,


merci pour ton aide, je viens de formater mon pc il y avait des virus et des pirates qui controle mon pc mais maintenant sé bon