AIDE POUR DESINFECTION DE MON ORDINATEUR

Bonjour ,
Quelqu'un pourrait-il m'aider ?

Merci

Bonjour,

AVANT D'ENREGISTRER, RENOMME-LE EN Combo-fix !
[#ff0000]Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

Bonsoir Angeldark,

Voici le résultat :

ComboFix 08-05-21.3 - Administrateur 2008-05-24 21:29:01.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.657 [GMT -3:00]
Endroit: C:\Documents and Settings\Administrateur\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrateur\Application Data\m
C:\Documents and Settings\Administrateur\Application Data\m\data.oct
C:\Documents and Settings\Administrateur\Application Data\m\list.oct
C:\Documents and Settings\Administrateur\Application Data\m\shared
C:\Documents and Settings\Administrateur\Application Data\m\shared\'IE Save Buddy 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\#1_Spyware_Killer_2.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\1D0-420_CIW_Site_Designer_for_CIW_Professional_6.05.05.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\24x7 Event Server 1.0.1.14.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\3D Christmas Tunnels Screensaver 1.5.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Actual Windows Manager 4.5.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\AJ TZip 1.3.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\All Seeing Eye 2.6 KeyGen.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\AllWaterfallSaver 2.5.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\AMD Power Monitor 1.2.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\AMV Studio 5.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Another Pascal to Html Converter 1.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Aranker 1.0 [KeyGen].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\ASP Painter 1.8.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Autorunman_2.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\BackToBasics_9_(Key).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\BackUpTime 1.6 build 3633.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\BioChem_1stRespondER_Desktop_2.0.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Buddy Spy 2.2.10.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Cape_Clear_4.7.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Cards Plus 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Cleantouch InventGST Reloaded 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\ColorBetter_1.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Command_&_Conquer_Generals_Zero_Hour_Rocky_Island_Map.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Company_Manager_2.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Comparator_Fast_1.0.0.27_[Cracked].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Contacts_Synchronizer_1.8.11.24.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\CPS_Plus_2.92.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\CrossIPTC_1.13_Key+Serial.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\CxTranslator 2.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\DBF Converter 1.50 Crack.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Digijoe CD Labeler 1.6.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\DigitByte Video Converter 3.0.3.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Doc_Shot_1.0_(KeyGen).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Dolby_Surround_Meter_5.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\DXF_Viewer_1.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Easy_RealMedia_Producer_1.94.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Easy_WMA_Recorder_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Epson_Stylus_Color_400_2.2EES.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\EventTracker_5.4_Build_19_[With_Crack].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Expired_Cookies_Cleaner_1.01.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\EZ_Backup_Word_Pro_4.7.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Family Historian 3.1.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Fast_Bluetooth_Switcher_1.0.28.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\File Sweeper 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Fin Calc 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\FolderIcon_XP_1.02.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\FolderWatch_3.11.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\FontKat Font Cataloger 3.0 Crack.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Frostzone Express 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\FTP_Live_1.07.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Get Mail 2.5.3.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Get Paths 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Grab-a-Site 5.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\GridImp 2.4.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Gugle 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Harry_Potter_Book_and_Film_Countdown_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Helium_Music_Manager_2006_build_5160.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Image Format Studio 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\ImgDexer_Beta_2_Cracked.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\InstantRecovery Professional Edition 4.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\JTree 2.6.6.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\LCD-Clock 1.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Linspect_Commander_1.1_[Patch].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Lotto_Cheatah_2.33_[KeyGen].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\LottoRocket_Standard_5.05.03.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\lust screensaver 01.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Macrobject_Word-2-Web_Converter_3.0.1.156_(KeyGen).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Magical_Mystery_Tour_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Mailtron_Gateway_(PowerPC)_2.3.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Metronome HistoryMaker 1.5a.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Mibbly Digital Clock 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\MicroMan's_Crazy_Computers_3.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Mind4Math_Advanced_1.1_(Serial).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\MP3_Normalizer_1.03.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\MP3Bee_CD_Burning_Tool_3.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Nevo iPod Suite 2008 2.3.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PassKey 0.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PC DoorGuard 4.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PC Guard for Win32 5.02.0360.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Personalised Clocks 2006 1.0.0.7.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PhotoS 4.0.0.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PingLog 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Pixelshop 4.0 [Crack].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Planetary, Lunar, and Stellar Visibility 3.1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Power DVD Player 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PQText_1.0_(KeyGen).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PrayMind_1.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PS Hot Folders 2.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Psychedelico Screensaver 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\QuickStart_2.3.11.72.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\QuickTFTP Desktop Pro 3.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Rapid_Network_Configurator_1.3.0.2_[Serial].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\RBLCheck_1.0.4_[Patch].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Recorder Digits 2.8.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Registry_Defragmentation_8.9_build_07.16_KeyGen.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Rentaccom_9.5.111206.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Rich Payment Calculator 1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Scope2k4_0.6.1.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\scViewerX_2.0_Build_161_(Key).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\SeaSideSoft_Book_Manager_1.0.3.2_With_Crack.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\SecureTask_2.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Serial Logger Service 1.21e.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\SEscree_1.00.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Share_Cracker_2.2.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Software Translator 6.4.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Star_Wars_Battlefront_v1.2_patch.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\StockQuote_Chaser_1.0_Key.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Time_For_Fishing_Screensaver_1.2_[Patch].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Tinynice_Txt2PDF_2.31_[With_Crack].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Trojan.Abwiz_Removal_Tool_1.0.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\TubesMix_for_PocketPC_1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Url_Generator_3.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Vacation Rental Tracker Plus 1.4.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\VB_Bookmark_Wizard_2.1_(Key).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\VBA_Code_Compare_0.4.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Wandering_Spider_Screensaver_1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\WebBtnCreator_1.70.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\WebImageGrab 4.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\WibTeX_6.0a.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\World_Geography_Tutor_1.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\xCAT - AEX Tracker 1.00.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Z.COM_2.15.zip
C:\Documents and Settings\Administrateur\Application Data\m\srvlist.oct
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\downld\103328.exe
C:\WINDOWS\system32\drivers\downld\105546.exe
C:\WINDOWS\system32\drivers\downld\108000.exe
C:\WINDOWS\system32\drivers\downld\109843.exe
C:\WINDOWS\system32\drivers\downld\110453.exe
C:\WINDOWS\system32\drivers\downld\111156.exe
C:\WINDOWS\system32\drivers\downld\114546.exe
C:\WINDOWS\system32\drivers\downld\116312.exe
C:\WINDOWS\system32\drivers\downld\117078.exe
C:\WINDOWS\system32\drivers\downld\14604890.exe
C:\WINDOWS\system32\drivers\downld\14635843.exe
C:\WINDOWS\system32\drivers\downld\14658937.exe
C:\WINDOWS\system32\drivers\downld\14676843.exe
C:\WINDOWS\system32\drivers\downld\14770640.exe
C:\WINDOWS\system32\drivers\downld\14793656.exe
C:\WINDOWS\system32\drivers\downld\14801343.exe
C:\WINDOWS\system32\drivers\downld\178203.exe
C:\WINDOWS\system32\drivers\downld\182734.exe
C:\WINDOWS\system32\drivers\downld\192890.exe
C:\WINDOWS\system32\drivers\downld\199000.exe
C:\WINDOWS\system32\drivers\downld\203921.exe
C:\WINDOWS\system32\drivers\downld\285296.exe
C:\WINDOWS\system32\drivers\downld\29213156.exe
C:\WINDOWS\system32\drivers\downld\29224359.exe
C:\WINDOWS\system32\drivers\downld\29234812.exe
C:\WINDOWS\system32\drivers\downld\29257187.exe
C:\WINDOWS\system32\drivers\downld\29263515.exe
C:\WINDOWS\system32\drivers\downld\29351515.exe
C:\WINDOWS\system32\drivers\downld\29379203.exe
C:\WINDOWS\system32\drivers\downld\29402390.exe
C:\WINDOWS\system32\drivers\downld\295625.exe
C:\WINDOWS\system32\drivers\downld\301703.exe
C:\WINDOWS\system32\drivers\downld\316828.exe
C:\WINDOWS\system32\drivers\downld\327093.exe
C:\WINDOWS\system32\drivers\downld\339812.exe
C:\WINDOWS\system32\drivers\downld\75906.exe
C:\WINDOWS\system32\drivers\downld\77562.exe
C:\WINDOWS\system32\drivers\downld\77609.exe
C:\WINDOWS\system32\drivers\downld\77984.exe
C:\WINDOWS\system32\drivers\downld\79343.exe
C:\WINDOWS\system32\drivers\downld\79484.exe
C:\WINDOWS\system32\drivers\downld\81265.exe
C:\WINDOWS\system32\drivers\downld\81937.exe
C:\WINDOWS\system32\drivers\downld\83656.exe
C:\WINDOWS\system32\drivers\downld\83921.exe
C:\WINDOWS\system32\drivers\downld\86828.exe
C:\WINDOWS\system32\drivers\downld\89406.exe
C:\WINDOWS\system32\drivers\downld\90718.exe
C:\WINDOWS\system32\drivers\downld\92859.exe
C:\WINDOWS\system32\drivers\downld\94828.exe
C:\WINDOWS\system32\drivers\downld\96890.exe
C:\WINDOWS\system32\drivers\downld\98140.exe
C:\WINDOWS\system32\drivers\downld\99218.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\uninstall.exe
C:\WINDOWS\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-25 to 2008-05-25 ))))))))))))))))))))))))))))))))))))
.

2008-05-21 23:39 . 2008-05-21 23:39 <REP> d-------- C:\WINDOWS\Sun
2008-05-21 22:16 . 2008-05-21 22:16 <REP> d-------- C:\Program Files\Panda Security
2008-05-21 22:07 . 2008-05-21 22:07 <REP> d-------- C:\Program Files\CCleaner
2008-05-21 22:06 . 2008-05-21 22:06 2,897,456 --a------ C:\Program Files\ccsetup207.exe
2008-05-21 21:55 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-21 21:47 . 2008-05-21 21:47 <REP> d-------- C:\WINDOWS\AU_Temp
2008-05-21 21:32 . 2008-05-21 21:55 <REP> d-------- C:\Program Files\Java
2008-05-21 21:31 . 2008-05-21 21:31 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-05-21 21:27 . 2008-05-21 21:27 <REP> d-------- C:\WINDOWS\report
2008-05-21 21:27 . 2008-05-21 21:37 <REP> d-------- C:\WINDOWS\AU_Backup
2008-05-21 21:27 . 2008-05-21 21:27 36,059,553 --a------ C:\WINDOWS\VPTNFILE.289
2008-05-21 21:27 . 2008-05-21 21:27 36,059,553 --a------ C:\WINDOWS\LPT$VPN.289
2008-05-21 21:27 . 2008-05-21 21:27 1,954,681 --a------ C:\WINDOWS\tsc.ptn
2008-05-21 21:27 . 2008-05-21 21:37 1,213,784 --a------ C:\WINDOWS\vsapi32.dll
2008-05-21 21:27 . 2008-05-21 21:27 333,576 --a------ C:\WINDOWS\TSC.exe
2008-05-21 21:27 . 2008-05-21 21:37 91,744 --a------ C:\WINDOWS\BPMNT.dll
2008-05-21 21:27 . 2008-05-21 21:27 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2008-05-21 21:27 . 2008-05-21 21:47 823 --a------ C:\WINDOWS\tsc.ini
2008-05-21 21:26 . 2008-05-21 21:26 <REP> d-------- C:\WINDOWS\AU_Log
2008-05-21 21:26 . 2008-05-21 21:37 170 --a------ C:\WINDOWS\GetServer.ini
2008-05-21 21:25 . 2008-05-21 21:25 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2008-05-21 21:25 . 2008-05-21 21:25 286,720 --a------ C:\WINDOWS\PATCH.EXE
2008-05-21 21:25 . 2008-05-21 21:25 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2008-05-21 21:08 . 2008-05-21 21:08 22,311,160 --a------ C:\Program Files\antivir_workstation_winu_en_h.exe
2008-05-16 11:17 . 2008-05-16 11:17 <REP> d--h----- C:\WINDOWS\PIF
2008-05-12 21:13 . 2008-05-12 21:13 <REP> d-------- C:\Program Files\ONES (F)
2008-05-12 21:13 . 2006-11-29 04:10 667,648 --a------ C:\WINDOWS\InZU31.exe
2008-05-12 21:13 . 2005-06-28 21:38 15,172 --a------ C:\WINDOWS\system32\drivers\PzWDM.sys
2008-05-12 10:06 . 2008-05-12 10:06 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\NewSoft
2008-05-12 10:06 . 2008-05-12 10:06 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Canon
2008-05-11 20:47 . 2004-08-19 16:09 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-05-11 20:47 . 2001-08-23 17:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-05-06 21:59 . 2008-05-07 20:31 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\GrabIt
2008-05-06 21:05 . 2008-05-06 21:05 <REP> d-------- C:\Program Files\GrabIt
2008-05-06 21:05 . 2008-05-06 21:05 1,728,307 --a------ C:\Program Files\GrabIt171b.exe
2008-05-06 07:21 . 2008-05-06 12:11 38 --a------ C:\WINDOWS\avisplitter.INI
2008-05-05 19:20 . 2008-05-05 19:20 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-05-05 11:55 . 2008-05-05 11:55 <REP> d-------- C:\Program Files\VideoLAN
2008-05-05 11:55 . 2008-05-05 11:55 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\vlc
2008-05-05 11:55 . 2008-05-05 11:55 9,730,075 --a------ C:\Program Files\vlc-0.8.6f-win32.exe
2008-05-04 13:26 . 2008-05-24 15:26 <REP> d-------- C:\Program Files\eChanblard
2008-05-04 13:22 . 2008-05-04 13:22 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-05-04 13:20 . 2008-05-04 13:20 7,752,776 --a------ C:\Program Files\eChanblard.exe
2008-05-04 11:57 . 2008-05-04 13:21 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\uTorrent
2008-05-04 11:54 . 2008-05-04 11:54 <REP> d-------- C:\Documents and Settings\Administrateur\Bluetooth Software
2008-05-04 11:52 . 2008-05-04 11:52 <REP> d-------- C:\Program Files\WIDCOMM
2008-05-04 11:47 . 2008-05-04 11:47 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Samsung
2008-05-04 11:44 . 2008-05-04 11:44 <REP> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-05-04 11:44 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
2008-05-04 11:44 . 2007-05-02 11:12 109,704 --a------ C:\WINDOWS\system32\drivers\ssm_mdm.sys
2008-05-04 11:44 . 2007-05-02 11:12 83,592 --a------ C:\WINDOWS\system32\drivers\ssm_bus.sys
2008-05-04 11:44 . 2007-05-02 11:12 15,112 --a------ C:\WINDOWS\system32\drivers\ssm_mdfl.sys
2008-05-04 11:44 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_whnt.sys
2008-05-04 11:44 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_wh.sys
2008-05-04 11:44 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_cmnt.sys
2008-05-04 11:44 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_cm.sys
2008-05-04 11:44 . 2006-07-24 16:05 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
2008-05-04 11:44 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-05-04 11:43 . 2008-05-04 11:43 <REP> d-------- C:\Program Files\Samsung
2008-05-04 11:42 . 2008-05-04 11:42 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-05-04 11:23 . 2008-05-04 11:24 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\DeepBurner
2008-05-04 11:22 . 2008-05-04 11:22 <REP> d-------- C:\Program Files\Astonsoft
2008-05-04 11:21 . 2008-05-04 11:21 2,801,569 --a------ C:\Program Files\DeepBurner1.exe
2008-05-04 10:43 . 2008-05-04 10:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-05-04 00:22 . 2008-05-04 00:22 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-05-04 00:20 . 2008-05-07 12:34 <REP> d-------- C:\Documents and Settings\Administrateur\Contacts
2008-05-04 00:20 . 2007-10-17 13:53 43,816 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys
2008-05-04 00:19 . 2008-05-04 00:20 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-05-04 00:13 . 2008-05-04 13:22 <REP> d-------- C:\Program Files\Windows Live
2008-05-04 00:13 . 2008-05-04 00:13 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-05-04 00:13 . 2008-05-04 00:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-04 00:13 . 2008-05-04 00:13 2,402,832 --a------ C:\Program Files\WLinstaller.exe
2008-05-04 00:10 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-04 00:10 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-05-04 00:10 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-03 20:03 . 2008-05-03 20:04 <REP> d-------- C:\Program Files\Dofus
2008-05-03 16:46 . 2008-05-03 16:46 <REP> d-------- C:\Program Files\MSBuild
2008-05-03 16:46 . 2008-05-03 16:46 <REP> d-------- C:\Program Files\Microsoft Works
2008-05-03 16:45 . 2008-05-03 16:45 <REP> d-------- C:\Program Files\Microsoft.NET
2008-05-03 16:43 . 2008-05-03 16:43 <REP> dr-h----- C:\MSOCache
2008-05-03 16:33 . 2008-05-03 16:33 <REP> d-------- C:\Program Files\Notepad++
2008-05-03 16:12 . 2008-05-03 16:12 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-03 16:04 . 2008-05-03 16:04 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Notepad++
2008-05-03 16:00 . 2008-05-03 16:00 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Media Player Classic

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-16 14:19 94,208 ----a-w C:\WINDOWS\DUMP7426.tmp
2008-05-14 19:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-05-13 00:11 6,050,491 ----a-w C:\Program Files\[Appz] Prassi ONES v2.1.358 (cracked) -DVT.rar
2008-05-04 16:18 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-05-04 14:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-03 18:59 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Logitech
2008-05-03 18:57 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2008-05-03 18:57 --------- d-----w C:\Program Files\Logitech
2008-05-03 18:45 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-05-03 18:45 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-05-03 18:40 --------- d-----w C:\Program Files\NewSoft
2008-05-03 18:40 --------- d-----w C:\Program Files\Fichiers communs\PDFView
2008-05-03 18:39 --------- d-----w C:\Program Files\ScanSoft
2008-05-03 18:39 --------- d-----w C:\Program Files\Fichiers communs\ScanSoft Shared
2008-05-03 18:39 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-05-03 18:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-05-03 18:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-05-03 18:39 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\ScanSoft
2008-05-03 18:38 --------- d-----w C:\Program Files\Canon
2008-05-03 18:37 --------- d--h--w C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-05-03 18:36 --------- d--h--w C:\Program Files\CanonBJ
2008-05-03 18:32 4,501 ----a-w C:\WINDOWS\gdrv.sys
2008-05-03 18:16 --------- d-----w C:\Program Files\Realtek
2008-05-03 18:16 --------- d-----w C:\Program Files\Intel
2008-05-03 18:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-03 18:08 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-05-03 18:05 --------- d-----w C:\Program Files\Foxit
2008-05-03 18:04 --------- d-----w C:\Program Files\MSXML 6.0
2008-03-25 13:20 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-20 07:56 1,846,016 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 12:34 827,392 ----a-w C:\WINDOWS\system32\wininet.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
C:\Program Files\Windows Live\Contrôle parental\fssbho.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-18 21:09 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2005-01-10 05:09 679936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PRONoMgr.exe"="C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 16:24 86016]
"RTHDCPL"="RTHDCPL.EXE" [2005-12-09 04:49 15691264 C:\WINDOWS\RTHDCPL.exe]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16 185896]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 12:45 75304]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-03-28 17:38 94208 C:\WINDOWS\KHALMNPR.Exe]
"fssui"="C:\Program Files\Windows Live\Contrôle parental\fssui.exe" [ ]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 21:10 110592 C:\WINDOWS\system32\bthprops.cpl]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32" []
"TSClientMSIUninstaller"="cmd.exe" [2004-08-18 21:09 400896 C:\WINDOWS\system32\cmd.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"DisablePagingExecutive"=dword:00000001
"SecondLevelDataCache"=dword:00000200

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\eChanblard\\emule.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=

R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2005-06-28 21:38]
R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 13:53]
R2 fsssvc;Windows Live OneCare Contrôle parental;"C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe" []
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 04:08]
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-05-03 15:32]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fe43c9c-2352-11dd-8f7c-0016e680ccab}]
\Shell\AutoRun\command - K:\nideiect.com
\Shell\explore\Command - K:\nideiect.com
\Shell\open\Command - K:\nideiect.com

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-24 21:32:33
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-24 21:34:55 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-25 00:34:52

Pre-Run: 197,728,882,688 octets libres
Post-Run: 197,772,972,032 octets libres

420 --- E O F --- 2008-05-14 19:01:42

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

Salut,

Voici le résultat du scan ave MalwareByte's :

Malwarebytes' Anti-Malware 1.12
Version de la base de données: 785

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 72737
Temps écoulé: 32 minute(s), 7 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Ton pc se comporte mieux ?

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Re,

Voici le rapport hijackthis cidessous.

Je n'ai pas réessayé d'installer anitvir, puis-je le faire ?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:28:08, on 25/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20772)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O18 - Protocol: bw+0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {286D9E38-EF76-4B22-A0F4-D6F86811A8E1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

--
End of file - 18686 bytes

Oui tu peux.

Re,

J'ai réussi à installer Antivir.

J'ai lancé un scan, voici le résultat :

Avira AntiVir Personal
Report file date: dimanche 25 mai 2008 18:42

Scanning for 1286436 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC-ADMIN

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 14:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 13:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 13:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 13:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 15:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 18:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 21:40:27
ANTIVIR3.VDF : 7.0.4.88 158720 Bytes 25/05/2008 21:40:27
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 14:58:21
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 25/05/2008 21:40:34
AESCN.DLL : 8.1.0.18 119156 Bytes 25/05/2008 21:40:33
AERDL.DLL : 8.1.0.20 418165 Bytes 25/05/2008 21:40:33
AEPACK.DLL : 8.1.1.5 364918 Bytes 25/05/2008 21:40:32
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 25/05/2008 21:40:31
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 25/05/2008 21:40:31
AEHELP.DLL : 8.1.0.14 115063 Bytes 25/05/2008 21:40:29
AEGEN.DLL : 8.1.0.21 303477 Bytes 25/05/2008 21:40:29
AEEMU.DLL : 8.1.0.6 430451 Bytes 25/05/2008 21:40:28
AECORE.DLL : 8.1.0.29 168311 Bytes 25/05/2008 21:40:28
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 22:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 15:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 18:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 22:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 13:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 13:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 22:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 22:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 17:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 19:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 17:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 25 mai 2008 18:42

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'HiJackThis.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'BTTray.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'fsssvc.exe' - '1' Module(s) have been scanned
Scan process 'btwdins.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'fssui.exe' - '1' Module(s) have been scanned
Scan process 'OpWareSE4.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'PRONoMgr.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
32 processes with 32 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '35' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\Panda Security\ActiveScan 2.0\pskavs.dll
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[NOTE] The file was moved to '48a4df7b.qua'!
C:\Program Files\WinRAR\SysTools\Trial-Reset.exe
[DETECTION] Is the Trojan horse TR/Agent.167488
[NOTE] The file was moved to '48a2dfa9.qua'!
C:\Program Files\WinRAR\SysTools\Plugins\Empty Key.dll
[DETECTION] Is the Trojan horse TR/Agent.7184.1
[NOTE] The file was moved to '48a9dfa8.qua'!
C:\QooBox\Quarantine\catchme2008-05-24_213039,68.zip
[0] Archive type: ZIP
--> wintems.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
--> mdelk.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
--> hldrrr.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.OD
--> mdelk.exe.1
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.OD
[NOTE] The file was moved to '48addfb7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\data.oct.vir
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48addfbc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\#1_Spyware_Killer_2.1.zip.vir
[0] Archive type: ZIP
--> #1_Spyware_Killer_2.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4898df8f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\'IE Save Buddy 1.0.zip.vir
[0] Archive type: ZIP
--> 'IE Save Buddy 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '487edfa9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\1D0-420_CIW_Site_Designer_for_CIW_Professional_6.05.05.zip.vir
[0] Archive type: ZIP
--> 1D0-420_CIW_Site_Designer_for_CIW_Professional_6.05.05.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4869dfa8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\24x7 Event Server 1.0.1.14.zip.vir
[0] Archive type: ZIP
--> 24x7 Event Server 1.0.1.14.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48b1df9a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\3D Christmas Tunnels Screensaver 1.5.zip.vir
[0] Archive type: ZIP
--> 3D Christmas Tunnels Screensaver 1.5.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4859dfac.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Actual Windows Manager 4.5.zip.vir
[0] Archive type: ZIP
--> Actual Windows Manager 4.5.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48addfcd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\AJ TZip 1.3.zip.vir
[0] Archive type: ZIP
--> AJ TZip 1.3.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4859dfb6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\All Seeing Eye 2.6 KeyGen.zip.vir
[0] Archive type: ZIP
--> All Seeing Eye 2.6 KeyGen.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a5dfdb.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\AllWaterfallSaver 2.5.zip.vir
[0] Archive type: ZIP
--> AllWaterfallSaver 2.5.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a5dfdd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\AMD Power Monitor 1.2.0.zip.vir
[0] Archive type: ZIP
--> AMD Power Monitor 1.2.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '487ddfc3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\AMV Studio 5.0.zip.vir
[0] Archive type: ZIP
--> AMV Studio 5.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '488fdfc5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Another Pascal to Html Converter 1.1.zip.vir
[0] Archive type: ZIP
--> Another Pascal to Html Converter 1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a8dfe8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Aranker 1.0 [KeyGen].zip.vir
[0] Archive type: ZIP
--> Aranker 1.0 [KeyGen].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489adfee.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\ASP Painter 1.8.zip.vir
[0] Archive type: ZIP
--> ASP Painter 1.8.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4889dfd1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Autorunman_2.0.zip.vir
[0] Archive type: ZIP
--> Autorunman_2.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48addff6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\BackToBasics_9_(Key).zip.vir
[0] Archive type: ZIP
--> BackToBasics_9_(Key).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489cdfe4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\BackUpTime 1.6 build 3633.zip.vir
[0] Archive type: ZIP
--> BackUpTime 1.6 build 3633.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489cdfe7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\BioChem_1stRespondER_Desktop_2.0.2.zip.vir
[0] Archive type: ZIP
--> BioChem_1stRespondER_Desktop_2.0.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a8dff1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Buddy Spy 2.2.10.zip.vir
[0] Archive type: ZIP
--> Buddy Spy 2.2.10.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ddfff.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Cape_Clear_4.7.zip.vir
[0] Archive type: ZIP
--> Cape_Clear_4.7.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a9dfed.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Cards Plus 1.0.zip.vir
[0] Archive type: ZIP
--> Cards Plus 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48abdfef.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Cleantouch InventGST Reloaded 1.0.zip.vir
[0] Archive type: ZIP
--> Cleantouch InventGST Reloaded 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489edffc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\ColorBetter_1.1.zip.vir
[0] Archive type: ZIP
--> ColorBetter_1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a5e002.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Command_&_Conquer_Generals_Zero_Hour_Rocky_Island_Map.zip.vir
[0] Archive type: ZIP
--> Command_&_Conquer_Generals_Zero_Hour_Rocky_Island_Map.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a6e003.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Company_Manager_2.0.zip.vir
[0] Archive type: ZIP
--> Company_Manager_2.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a6e006.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Comparator_Fast_1.0.0.27_[Cracked].zip.vir
[0] Archive type: ZIP
--> Comparator_Fast_1.0.0.27_[Cracked].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a6e008.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Contacts_Synchronizer_1.8.11.24.zip.vir
[0] Archive type: ZIP
--> Contacts_Synchronizer_1.8.11.24.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a7e00a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\CPS_Plus_2.92.zip.vir
[0] Archive type: ZIP
--> CPS_Plus_2.92.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '488cdfee.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\CrossIPTC_1.13_Key+Serial.zip.vir
[0] Archive type: ZIP
--> CrossIPTC_1.13_Key+Serial.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a8e012.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\CxTranslator 2.0.zip.vir
[0] Archive type: ZIP
--> CxTranslator 2.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '488de01a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\DBF Converter 1.50 Crack.zip.vir
[0] Archive type: ZIP
--> DBF Converter 1.50 Crack.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '487fdfe7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Digijoe CD Labeler 1.6.zip.vir
[0] Archive type: ZIP
--> Digijoe CD Labeler 1.6.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a0e010.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\DigitByte Video Converter 3.0.3.zip.vir
[0] Archive type: ZIP
--> DigitByte Video Converter 3.0.3.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a0e012.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Doc_Shot_1.0_(KeyGen).zip.vir
[0] Archive type: ZIP
--> Doc_Shot_1.0_(KeyGen).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ce01a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Dolby_Surround_Meter_5.1.zip.vir
[0] Archive type: ZIP
--> Dolby_Surround_Meter_5.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a5e01c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\DXF_Viewer_1.1.zip.vir
[0] Archive type: ZIP
--> DXF_Viewer_1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '487fe007.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Easy_RealMedia_Producer_1.94.zip.vir
[0] Archive type: ZIP
--> Easy_RealMedia_Producer_1.94.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ace012.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Easy_WMA_Recorder_1.0.zip.vir
[0] Archive type: ZIP
--> Easy_WMA_Recorder_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ace014.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Epson_Stylus_Color_400_2.2EES.zip.vir
[0] Archive type: ZIP
--> Epson_Stylus_Color_400_2.2EES.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ace026.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\EventTracker_5.4_Build_19_[With_Crack].zip.vir
[0] Archive type: ZIP
--> EventTracker_5.4_Build_19_[With_Crack].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ee02e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Expired_Cookies_Cleaner_1.01.zip.vir
[0] Archive type: ZIP
--> Expired_Cookies_Cleaner_1.01.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a9e032.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\EZ_Backup_Word_Pro_4.7.zip.vir
[0] Archive type: ZIP
--> EZ_Backup_Word_Pro_4.7.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4898e016.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Family Historian 3.1.2.zip.vir
[0] Archive type: ZIP
--> Family Historian 3.1.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a6e029.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Fast_Bluetooth_Switcher_1.0.28.zip.vir
[0] Archive type: ZIP
--> Fast_Bluetooth_Switcher_1.0.28.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ace02b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\File Sweeper 1.0.zip.vir
[0] Archive type: ZIP
--> File Sweeper 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a5e040.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Fin Calc 1.0.zip.vir
[0] Archive type: ZIP
--> Fin Calc 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a7e04a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\FolderIcon_XP_1.02.zip.vir
[0] Archive type: ZIP
--> FolderIcon_XP_1.02.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a5e052.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\FolderWatch_3.11.zip.vir
[0] Archive type: ZIP
--> FolderWatch_3.11.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a5e055.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\FontKat Font Cataloger 3.0 Crack.zip.vir
[0] Archive type: ZIP
--> FontKat Font Cataloger 3.0 Crack.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a7e06f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Frostzone Express 1.0.zip.vir
[0] Archive type: ZIP
--> Frostzone Express 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a8e075.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\FTP_Live_1.07.zip.vir
[0] Archive type: ZIP
--> FTP_Live_1.07.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4889e059.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Get Mail 2.5.3.zip.vir
[0] Archive type: ZIP
--> Get Mail 2.5.3.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ade06e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Get Paths 1.0.zip.vir
[0] Archive type: ZIP
--> Get Paths 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ade06f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Grab-a-Site 5.0.zip.vir
[0] Archive type: ZIP
--> Grab-a-Site 5.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ae083.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\GridImp 2.4.zip.vir
[0] Archive type: ZIP
--> GridImp 2.4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a2e086.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Gugle 1.0.zip.vir
[0] Archive type: ZIP
--> Gugle 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a0e08c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Harry_Potter_Book_and_Film_Countdown_1.0.zip.vir
[0] Archive type: ZIP
--> Harry_Potter_Book_and_Film_Countdown_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48abe07a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Helium_Music_Manager_2006_build_5160.zip.vir
[0] Archive type: ZIP
--> Helium_Music_Manager_2006_build_5160.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a5e080.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Image Format Studio 1.0.zip.vir
[0] Archive type: ZIP
--> Image Format Studio 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ae08c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\ImgDexer_Beta_2_Cracked.zip.vir
[0] Archive type: ZIP
--> ImgDexer_Beta_2_Cracked.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a0e08e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\InstantRecovery Professional Edition 4.1.zip.vir
[0] Archive type: ZIP
--> InstantRecovery Professional Edition 4.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ace091.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\JTree 2.6.6.zip.vir
[0] Archive type: ZIP
--> JTree 2.6.6.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48abe087.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\LCD-Clock 1.1.zip.vir
[0] Archive type: ZIP
--> LCD-Clock 1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[WARNING] The file was ignored!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Linspect_Commander_1.1_[Patch].zip.vir
[0] Archive type: ZIP
--> Linspect_Commander_1.1_[Patch].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[WARNING] The file was ignored!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\LottoRocket_Standard_5.05.03.zip.vir
[0] Archive type: ZIP
--> LottoRocket_Standard_5.05.03.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[WARNING] The file was ignored!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Lotto_Cheatah_2.33_[KeyGen].zip.vir
[0] Archive type: ZIP
--> Lotto_Cheatah_2.33_[KeyGen].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[WARNING] The file was ignored!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\lust screensaver 01.zip.vir
[0] Archive type: ZIP
--> lust screensaver 01.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[WARNING] The file was ignored!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Macrobject_Word-2-Web_Converter_3.0.1.156_(KeyGen).zip.vir
[0] Archive type: ZIP
--> Macrobject_Word-2-Web_Converter_3.0.1.156_(KeyGen).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ce0be.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Magical_Mystery_Tour_1.0.zip.vir
[0] Archive type: ZIP
--> Magical_Mystery_Tour_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[WARNING] The file was ignored!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Mailtron_Gateway_(PowerPC)_2.3.zip.vir
[0] Archive type: ZIP
--> Mailtron_Gateway_(PowerPC)_2.3.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[WARNING] The file was ignored!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Metronome HistoryMaker 1.5a.zip.vir
[0] Archive type: ZIP
--> Metronome HistoryMaker 1.5a.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ade0db.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Mibbly Digital Clock 1.0.zip.vir
[0] Archive type: ZIP
--> Mibbly Digital Clock 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[WARNING] The file was ignored!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\MicroMan's_Crazy_Computers_3.2.zip.vir
[0] Archive type: ZIP
--> MicroMan's_Crazy_Computers_3.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ce0e6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Mind4Math_Advanced_1.1_(Serial).zip.vir
[0] Archive type: ZIP
--> Mind4Math_Advanced_1.1_(Serial).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a7e0e8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\MP3Bee_CD_Burning_Tool_3.0.zip.vir
[0] Archive type: ZIP
--> MP3Bee_CD_Burning_Tool_3.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '486ce0ed.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\MP3_Normalizer_1.03.zip.vir
[0] Archive type: ZIP
--> MP3_Normalizer_1.03.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '486ce0f1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Nevo iPod Suite 2008 2.3.1.zip.vir
[0] Archive type: ZIP
--> Nevo iPod Suite 2008 2.3.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48afe108.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PassKey 0.1.zip.vir
[0] Archive type: ZIP
--> PassKey 0.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ace106.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PC DoorGuard 4.1.zip.vir
[0] Archive type: ZIP
--> PC DoorGuard 4.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4859e0ea.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PC Guard for Win32 5.02.0360.zip.vir
[0] Archive type: ZIP
--> PC Guard for Win32 5.02.0360.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4859e0ec.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Personalised Clocks 2006 1.0.0.7.zip.vir
[0] Archive type: ZIP
--> Personalised Clocks 2006 1.0.0.7.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48abe110.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PhotoS 4.0.0.0.zip.vir
[0] Archive type: ZIP
--> PhotoS 4.0.0.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a8e116.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PingLog 1.0.zip.vir
[0] Archive type: ZIP
--> PingLog 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a7e119.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Pixelshop 4.0 [Crack].zip.vir
[0] Archive type: ZIP
--> Pixelshop 4.0 [Crack].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48b1e11b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Planetary, Lunar, and Stellar Visibility 3.1.0.zip.vir
[0] Archive type: ZIP
--> Planetary, Lunar, and Stellar Visibility 3.1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ae120.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Power DVD Player 1.0.zip.vir
[0] Archive type: ZIP
--> Power DVD Player 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48b0e124.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PQText_1.0_(KeyGen).zip.vir
[0] Archive type: ZIP
--> PQText_1.0_(KeyGen).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '488de108.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PrayMind_1.2.zip.vir
[0] Archive type: ZIP
--> PrayMind_1.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ae12b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PS Hot Folders 2.2.zip.vir
[0] Archive type: ZIP
--> PS Hot Folders 2.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4859e10e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Psychedelico Screensaver 1.0.zip.vir
[0] Archive type: ZIP
--> Psychedelico Screensaver 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48b2e130.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\QuickStart_2.3.11.72.zip.vir
[0] Archive type: ZIP
--> QuickStart_2.3.11.72.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a2e134.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\QuickTFTP Desktop Pro 3.2.zip.vir
[0] Archive type: ZIP
--> QuickTFTP Desktop Pro 3.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a2e136.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Rapid_Network_Configurator_1.3.0.2_[Serial].zip.vir
[0] Archive type: ZIP
--> Rapid_Network_Configurator_1.3.0.2_[Serial].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a9e129.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\RBLCheck_1.0.4_[Patch].zip.vir
[0] Archive type: ZIP
--> RBLCheck_1.0.4_[Patch].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4885e10b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Recorder Digits 2.8.zip.vir
[0] Archive type: ZIP
--> Recorder Digits 2.8.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ce12e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Registry_Defragmentation_8.9_build_07.16_KeyGen.zip.vir
[0] Archive type: ZIP
--> Registry_Defragmentation_8.9_build_07.16_KeyGen.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a0e12e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Rentaccom_9.5.111206.zip.vir
[0] Archive type: ZIP
--> Rentaccom_9.5.111206.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a7e12f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Rich Payment Calculator 1.zip.vir
[0] Archive type: ZIP
--> Rich Payment Calculator 1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ce133.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Scope2k4_0.6.1.1.zip.vir
[0] Archive type: ZIP
--> Scope2k4_0.6.1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a8e12e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\scViewerX_2.0_Build_161_(Key).zip.vir
[0] Archive type: ZIP
--> scViewerX_2.0_Build_161_(Key).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '488fe12e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\SeaSideSoft_Book_Manager_1.0.3.2_With_Crack.zip.vir
[0] Archive type: ZIP
--> SeaSideSoft_Book_Manager_1.0.3.2_With_Crack.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ae131.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\SecureTask_2.0.zip.vir
[0] Archive type: ZIP
--> SecureTask_2.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ce131.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Serial Logger Service 1.21e.zip.vir
[0] Archive type: ZIP
--> Serial Logger Service 1.21e.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48abe132.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\SEscree_1.00.zip.vir
[0] Archive type: ZIP
--> SEscree_1.00.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ace112.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Share_Cracker_2.2.0.zip.vir
[0] Archive type: ZIP
--> Share_Cracker_2.2.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ae136.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Software Translator 6.4.zip.vir
[0] Archive type: ZIP
--> Software Translator 6.4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489fe13e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Star_Wars_Battlefront_v1.2_patch.zip.vir
[0] Archive type: ZIP
--> Star_Wars_Battlefront_v1.2_patch.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ae143.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\StockQuote_Chaser_1.0_Key.zip.vir
[0] Archive type: ZIP
--> StockQuote_Chaser_1.0_Key.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a8e143.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Time_For_Fishing_Screensaver_1.2_[Patch].zip.vir
[0] Archive type: ZIP
--> Time_For_Fishing_Screensaver_1.2_[Patch].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a6e139.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Tinynice_Txt2PDF_2.31_[With_Crack].zip.vir
[0] Archive type: ZIP
--> Tinynice_Txt2PDF_2.31_[With_Crack].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a7e139.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Trojan.Abwiz_Removal_Tool_1.0.0.zip.vir
[0] Archive type: ZIP
--> Trojan.Abwiz_Removal_Tool_1.0.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4b5a2174.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\TubesMix_for_PocketPC_1.zip.vir
[0] Archive type: ZIP
--> TubesMix_for_PocketPC_1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489be147.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Url_Generator_3.2.zip.vir
[0] Archive type: ZIP
--> Url_Generator_3.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a5e144.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Vacation Rental Tracker Plus 1.4.0.zip.vir
[0] Archive type: ZIP
--> Vacation Rental Tracker Plus 1.4.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489ce134.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\VBA_Code_Compare_0.4.zip.vir
[0] Archive type: ZIP
--> VBA_Code_Compare_0.4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '487ae115.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\VB_Bookmark_Wizard_2.1_(Key).zip.vir
[0] Archive type: ZIP
--> VB_Bookmark_Wizard_2.1_(Key).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4898e116.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Wandering_Spider_Screensaver_1.zip.vir
[0] Archive type: ZIP
--> Wandering_Spider_Screensaver_1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a7e135.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\WebBtnCreator_1.70.zip.vir
[0] Archive type: ZIP
--> WebBtnCreator_1.70.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489be13a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\WebImageGrab 4.0.zip.vir
[0] Archive type: ZIP
--> WebImageGrab 4.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4b69210b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\WibTeX_6.0a.zip.vir
[0] Archive type: ZIP
--> WibTeX_6.0a.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489be13f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\World_Geography_Tutor_1.2.zip.vir
[0] Archive type: ZIP
--> World_Geography_Tutor_1.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48abe145.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\xCAT - AEX Tracker 1.00.zip.vir
[0] Archive type: ZIP
--> xCAT - AEX Tracker 1.00.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '487ae11a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Z.COM_2.15.zip.vir
[0] Archive type: ZIP
--> Z.COM_2.15.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '487ce106.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '489ee13c.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48a7e141.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hldrrr.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '489de145.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '489ee13d.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\108000.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4871e10a.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\111156.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '486ae10c.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\14658937.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '486fe10f.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\29224359.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '486be116.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\29257187.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '486be117.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\77984.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4872e116.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\79343.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '486ce118.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\81265.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '486be111.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\81937.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '4872e112.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\83656.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '486fe114.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\86828.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4871e118.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\89406.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '486de11b.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\90718.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4870e112.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\99218.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '486be11c.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000005.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4869e115.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000008.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4b847b06.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000014.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4869e117.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000026.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '4b847b08.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000028.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4869e119.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000041.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4869e118.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000042.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '4b847b09.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000044.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '4b847b0a.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000045.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '4869e11b.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000046.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '4869e11a.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000048.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4b847b0b.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000049.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4869e11c.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000050.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4b847b0d.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000055.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4b847b0c.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000063.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '4869e11e.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000064.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '4b847b0f.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000066.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '4869e11d.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000067.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '4b847b0e.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP2\A0000071.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '4869e11f.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP4\A0000152.dll
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[NOTE] The file was moved to '4869e121.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP4\A0000153.exe
[DETECTION] Is the Trojan horse TR/Agent.167488
[NOTE] The file was moved to '4b847b32.qua'!
C:\System Volume Information\_restore{D11B74E8-B43A-415D-BB56-3407F723C168}\RP4\A0000154.dll
[DETECTION] Is the Trojan horse TR/Agent.7184.1
[NOTE] The file was moved to '4869e122.qua'!
Begin scan in 'D:\'


End of the scan: dimanche 25 mai 2008 19:01
Used time: 18:18 min

The scan has been done completely.

3322 Scanning directories
141144 Files were scanned
171 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
160 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
140973 Files not concerned
1309 Archives were scanned
13 Warnings
160 Notes

Résultat d'un 2ème Scan avec Antivir, car lors du 1er scan certains fichiers n'ont pas été mis en quarantaine (j'ai cliqué sur ignorer au lieu de mettre en quarantaine :


Avira AntiVir Personal
Report file date: dimanche 25 mai 2008 19:02

Scanning for 1286436 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC-ADMIN

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 14:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 13:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 13:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 13:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 15:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 18:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 21:40:27
ANTIVIR3.VDF : 7.0.4.88 158720 Bytes 25/05/2008 21:40:27
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 14:58:21
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 25/05/2008 21:40:34
AESCN.DLL : 8.1.0.18 119156 Bytes 25/05/2008 21:40:33
AERDL.DLL : 8.1.0.20 418165 Bytes 25/05/2008 21:40:33
AEPACK.DLL : 8.1.1.5 364918 Bytes 25/05/2008 21:40:32
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 25/05/2008 21:40:31
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 25/05/2008 21:40:31
AEHELP.DLL : 8.1.0.14 115063 Bytes 25/05/2008 21:40:29
AEGEN.DLL : 8.1.0.21 303477 Bytes 25/05/2008 21:40:29
AEEMU.DLL : 8.1.0.6 430451 Bytes 25/05/2008 21:40:28
AECORE.DLL : 8.1.0.29 168311 Bytes 25/05/2008 21:40:28
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 22:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 15:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 18:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 22:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 13:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 13:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 22:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 22:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 17:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 19:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 17:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 25 mai 2008 19:02

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'BTTray.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'fsssvc.exe' - '1' Module(s) have been scanned
Scan process 'btwdins.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'fssui.exe' - '1' Module(s) have been scanned
Scan process 'OpWareSE4.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'PRONoMgr.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
31 processes with 31 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '35' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\LCD-Clock 1.1.zip.vir
[0] Archive type: ZIP
--> LCD-Clock 1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '487de478.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Linspect_Commander_1.1_[Patch].zip.vir
[0] Archive type: ZIP
--> Linspect_Commander_1.1_[Patch].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a7e49e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\LottoRocket_Standard_5.05.03.zip.vir
[0] Archive type: ZIP
--> LottoRocket_Standard_5.05.03.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ade4a5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Lotto_Cheatah_2.33_[KeyGen].zip.vir
[0] Archive type: ZIP
--> Lotto_Cheatah_2.33_[KeyGen].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '4928b136.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\lust screensaver 01.zip.vir
[0] Archive type: ZIP
--> lust screensaver 01.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48ace4ac.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Magical_Mystery_Tour_1.0.zip.vir
[0] Archive type: ZIP
--> Magical_Mystery_Tour_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a0e498.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Mailtron_Gateway_(PowerPC)_2.3.zip.vir
[0] Archive type: ZIP
--> Mailtron_Gateway_(PowerPC)_2.3.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '48a2e499.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Mibbly Digital Clock 1.0.zip.vir
[0] Archive type: ZIP
--> Mibbly Digital Clock 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.QH
[NOTE] The file was moved to '489be4a2.qua'!
Begin scan in 'D:\'


End of the scan: dimanche 25 mai 2008 19:15
Used time: 13:08 min

The scan has been done completely.

3323 Scanning directories
140915 Files were scanned
8 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
8 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
140907 Files not concerned
1194 Archives were scanned
5 Warnings
8 Notes

Encore des soucis ?

Re,

1°) au vu du scan fait par Antivir, penses-tu que j'ai encore qq chose à faire ? Les fichiers en quarantaine doivent-ils être supprimés?
Je vois que beaucoup de virus ont été détectés et je ne voudrais pas qu'ils reviennent ....

2°) dois-je installer spybot et adaware pour + de sécurité ?

3°) si tu as d'autres conseils à me donner, ce sera volontiers

Merci

Tu peux les laisser en quarantaine  


Nop. Regarde ma signature.

Merci sincèrement pour ton aide.

Tout est en ordre maintenant.

@+  

De rien