problème avast

Bonjour,

Télécharge ELIBAGLA en bas de cette page.
Clique sur le bouton Descargar Elibagla, cela va télécharger le fichier, place-le sur ton Bureau.
Double-clique dessus pour l'ouvrir.
Assure-toi que dans le menu déroulant Unidad, vous ayez bien C:\
Vérifie aussi aussi que l'option en bas de la fenêtre Eliminar Ficheros Automaticamente soit bien cochée.
Clique sur le bouton Explorar pour lancer l'analyse.
Poste le rapport généré en fin fin d'analyse.

AIDE : Comment supprimer Bagle ?

Bonjour, c'est la première fois que j'utilise les services de ce site et je n"ai pas compris ou je dois cliquer pour télécharger ELIBAGLA; pourriez-vous me l'expliquer? Merci de votre patience

Tu vas sur cette page :
http://www.zonavirus.com/datos/descargas/95/elibagla.as...
Et tout en bas de la page, tu cliques sur Descargar Elibagla.

MERCI j'ai trouvé mais je ne peux pas l'ouvrir il m'indique un message d'érreur

le message est detectado gusano BAGLE

Tu n'as pas de rapport ?

Non car je n'arrive pas à faire l'analyse la fenetre se ferme avant. Que dois-je faire?

J4ARRIVE A LANCER LE PROGRAMME L(analyse commence mais ss stoppe

Je suis arrivée à faire une analyse avec le logiciel MALWAREBYTE'ANTI-MALWARE. Voici le rapport d'érreurs :
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1316
Windows 5.1.2600 Service Pack 3

2008-10-25 22:23:49
mbam-log-2008-10-25 (22-23-43).txt

Type de recherche: Examen complet (H:\|)
Eléments examinés: 89589
Temps écoulé: 12 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 82

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
H:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> No action taken.
H:\Documents and Settings\ALEXANDRA\Application Data\m (Trojan.Agent) -> No action taken.

Fichier(s) infecté(s):
H:\WINDOWS\system32\drivers\downld\103171.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\103687.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\103703.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\104250.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\105921.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\106468.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\111218.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\111796.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\112218.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\113015.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\113781.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\114250.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\114562.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\115156.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\116468.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\117140.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\119593.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\121578.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14715171.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14739609.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14746031.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14781593.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14789078.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14791468.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14810750.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14831078.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14831937.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14835359.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\15023218.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\15033281.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\248515.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\253640.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\254625.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\255593.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\258000.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\261359.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\261562.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\262296.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\265812.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\269593.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\270437.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\278812.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\43046.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\43109.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\43796.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\49046.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\49546.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\50234.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\50296.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\50953.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\51546.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\53906.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\57171.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\58250.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\58656.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\59656.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\60281.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\64343.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\64562.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\65218.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\65656.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\67828.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\72109.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\72937.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\73703.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\75718.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\76234.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\76328.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\77031.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\78125.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\79781.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\81718.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\85953.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\86562.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\93968.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\94968.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\96000.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\99156.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> No action taken.
H:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> No action taken.
H:\Documents and Settings\ALEXANDRA\Application Data\m\flec006.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> No action taken.

En espérant que cela puisse vous aider-

Ne pouvant pas installer ELIGALA, j'ai éssayé l'autre logiciel que vous m'avez conseillé FINDYKILL. Voici le rapport d'erreurs : FindyKill V4.095 ------------------

* User : ALEXANDRA - WINXPSP3
* Emplacement : H:\Program Files\FindyKill
* Outils Mis a jours le 24/10/08 par Chiquitine29
* Recherche effectuée à 8:22:41 le 2008-10-26
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\wdfmgr.exe
H:\WINDOWS\system32\wbem\wmiapsrv.exe
H:\Program Files\Winamp\winampa.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE
H:\Program Files\Winamp Remote\bin\OrbTray.exe
H:\WINDOWS\system32\drivers\winfilse.exe
H:\WINDOWS\system32\wintems.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Internet Explorer\iexplore.exe
h:\program files\winamp toolbar\WinampTbServer.exe
H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe

--------------- [ Processus infectieux stoppés ] ----------------


"H:\WINDOWS\system32\wintems.exe" (944)
"H:\WINDOWS\system32\drivers\winfilse.exe" (344)


--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans H:


»»»» Presence des fichiers dans H:\WINDOWS


»»»» Presence des fichiers dans H:\WINDOWS\Prefetch

Present ! - H:\WINDOWS\prefetch\106234.EXE-396291CB.pf
Present ! - H:\WINDOWS\prefetch\FLEC006.EXE-2DDFFFD0.pf
Present ! - H:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Present ! - H:\WINDOWS\prefetch\MDELK.EXE-238AA5EF.pf
Present ! - H:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

»»»» Presence des fichiers dans H:\WINDOWS\system32

Présent ! [2008-10-25 18:42] - H:\WINDOWS\system32\mdelk.exe
Présent ! [2008-10-25 18:42] - H:\WINDOWS\system32\wintems.exe
Présent ! [2008-10-26 08:01] - H:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans H:\WINDOWS\system32\drivers

Présent ! [2008-10-26 08:01] - H:\WINDOWS\system32\drivers\srosa.sys
Présent ! [2004-08-26 08:03] - H:\WINDOWS\system32\drivers\winfilse.exe
Présent ! [2008-10-26 08:04] - "H:\WINDOWS\system32\drivers\downld"
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\103171.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\103687.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\103703.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\104250.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\105921.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\106234.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\106468.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\111218.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\111796.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\112218.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\113015.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\113781.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\114250.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\114562.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\115156.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\116468.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\117140.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\119593.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\121578.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\127328.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\145578.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14715171.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14739609.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14746031.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14781593.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14789078.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14791468.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14810750.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14831078.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14831937.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14835359.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\15023218.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\15033281.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\154093.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\248515.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\253640.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\254625.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\255593.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\258000.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\261359.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\261562.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\262296.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\265812.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\269593.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\270437.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\278812.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\296843.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\304296.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\43046.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\43109.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\43796.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\49046.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\49546.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\50234.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\50296.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\50953.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\51546.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\53906.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\57171.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\58250.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\58656.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\59656.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\60281.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\64343.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\64562.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\65218.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\65656.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\67828.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\72109.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\72937.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\73703.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\75718.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\76234.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\76328.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\77031.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\78125.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\79781.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\81718.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\85953.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\86562.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\89828.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\93968.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\94968.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\95156.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\96000.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\96218.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\99156.exe

»»»» Presence des fichiers dans H:\Documents and Settings\ALEXANDRA\Application Data

Présent ! [2008-10-25 18:42] - "H:\Documents and Settings\ALEXANDRA\Application Data\m\flec006.exe"
Présent ! [2008-10-26 08:01] - "H:\Documents and Settings\ALEXANDRA\Application Data\m\list.oct"
Présent ! [2008-10-26 08:01] - "H:\Documents and Settings\ALEXANDRA\Application Data\m\data.oct"
Présent ! [2008-10-26 08:01] - "H:\Documents and Settings\ALEXANDRA\Application Data\m\srvlist.oct"
Présent ! [2008-10-26 08:01] - "H:\Documents and Settings\ALEXANDRA\Application Data\m\shared"
Présent ! [2008-10-26 08:01] - "H:\Documents and Settings\ALEXANDRA\Application Data\m"

»»»» Presence des fichiers dans H:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp


--------------- [ Registre / Startup ] ----------------


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
SunJavaUpdateSched REG_SZ "H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
NeroFilterCheck REG_SZ H:\WINDOWS\system32\NeroCheck.exe
NvCplDaemon REG_SZ RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
Adobe Reader Speed Launcher REG_SZ "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
WinampAgent REG_SZ "H:\Program Files\Winamp\winampa.exe"
avast! REG_SZ H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe REG_SZ H:\WINDOWS\system32\ctfmon.exe
MsnMsgr REG_SZ "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
EPSON Stylus Photo R285 Series REG_SZ H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "H:\WINDOWS\TEMP\E_S97.tmp" /EF "HKCU"
Orb REG_SZ "H:\Program Files\Winamp Remote\bin\OrbTray.exe" /background

--------------- [ Registre / Clés infectieuses ] ----------------


Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\nideiect
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\TuneUp_Utilities_2007_6.0.2311.0_(Crack)
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\winfilse
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\bisoft
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\CHKPTR
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\DateTime4
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\FFC
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\FirtR
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\nideiect
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\TuneUp_Utilities_2007_6.0.2311.0_(Crack)
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_CURRENT_USER\Software\bisoft
Présent ! - HKEY_CURRENT_USER\Software\DateTime4
Présent ! - HKEY_CURRENT_USER\Software\FirtR

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden

-> Affichage des fichiers cachés non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

-> Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

-> Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

-> Mode sans echec non fonctionnel !!



+- Services : [ Auto=2 Demande=3 Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

H: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Moutpoint2 ] ----------------

Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\AutoRun\command
Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\explore\Command
Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\open\Command


------------------- ! Fin du rapport ! --------------------

Quelles sont les prochaines étapes?
Merci pour votre aide

Bonjour, je suis un peu perdue face à mon souci car je débute en informatique. Faut-il que je reformate mon disque dur?
Bonne après-midi et merci d'avance

Alex, ne formate pas encore, attends la réponse de Angeldark !
Je ne sais pas ce qu'il va en penser, mais je crois que tu devrais déjà nettoyer avec Malware... A bientot, si problème, appelle moi

Pas de problème j'attends la réponse de Angeldark. Mais je pourrai pas me connecter de lundi à jeudi soir.

Bonsoir, juste un élément suplémentaire. Quand je veux ouvrir avast il indique le message d'erreurs suivant  mon disque dur n'est C mais H)
H:\Program Files\Alwil Sotware\avast4\ashAvast.exe n'est pas une applicationWin32 valide
Bonne soirée

Re,

On ne t'aide pas sur un autre forum par hasard ?

Bonsoir ANGELDARK,

Non je ne suis pas aidé par un autre forum. N'ayant pas eu de solution je tentr de trouver des solutions toute seule et je mets les rapports pour aider.
Deplus, je travaille loin de mon domicile est je suis absente plusieurs jours par semaine et je souhaitais mettre toutes mes chances de mon cote pour resourdre le problème car je débute en informatique et je suis perdue; Pouvez-vous m'aider s'il vous plait?

Re,

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

je l'ai telecharge mais il me marque le même message d'erreurs quand je veux l'ouvrir que quand je veux ouvrir avast

Tu as bien supprimé les infections avec MBAM ?

je vais relancer une analyse et je réessai

j'ai supprimé les trojan mais ça ne change rien, que dois-je faire?

Passe l'option 2 de FindyKill.

----------------- FindyKill V4.095 ------------------

* User : ALEXANDRA - WINXPSP3
* Emplacement : H:\Program Files\FindyKill
* Outils Mis a jours le 24/10/08 par Chiquitine29
* Suppression effectuée à 21:23:11 le 2008-10-30
* Windows XP - Internet Explorer 7.0.5730.13


((((((((((((((( *** Suppression *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
H:\WINDOWS\system32\logonui.exe
H:\WINDOWS\system32\userinit.exe
H:\WINDOWS\system32\WgaTray.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Suppression des fichiers dans H:


»»»» Suppression des fichiers dans H:\WINDOWS


»»»» Suppression des fichiers dans H:\WINDOWS\Prefetch

Supprimé ! - H:\WINDOWS\Prefetch\72281.EXE-16379C70.pf
Supprimé ! - H:\WINDOWS\Prefetch\RUNDLL32.EXE-19812E66.pf
Supprimé ! - H:\WINDOWS\Prefetch\RUNDLL32.EXE-337268C1.pf
Supprimé ! - H:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
Supprimé ! - H:\WINDOWS\Prefetch\RUNDLL32.EXE-46B22018.pf
Supprimé ! - H:\WINDOWS\Prefetch\WINNT32.EXE-07CE5394.pf
Supprimé ! - H:\WINDOWS\Prefetch\WINZIP32.EXE-335422C1.pf
Supprimé ! - H:\WINDOWS\Prefetch\56203.EXE-00022925.pf
Supprimé ! - H:\WINDOWS\Prefetch\85203.EXE-14EF6FBD.pf
Supprimé ! - H:\WINDOWS\Prefetch\106234.EXE-396291CB.pf
Supprimé ! - H:\WINDOWS\Prefetch\54734.EXE-11EBBB2A.pf
Supprimé ! - H:\WINDOWS\Prefetch\39125.EXE-076C01AF.pf
Supprimé ! - H:\WINDOWS\Prefetch\48765.EXE-0A9238B8.pf
Supprimé ! - H:\WINDOWS\Prefetch\70625.EXE-2F66B069.pf
Supprimé ! - H:\WINDOWS\Prefetch\68906.EXE-0884A291.pf
Supprimé ! - H:\WINDOWS\Prefetch\FLEC006.EXE-2DDFFFD0.pf
Supprimé ! - H:\WINDOWS\Prefetch\63937.EXE-2FDA3DF8.pf
Supprimé ! - H:\WINDOWS\Prefetch\64328.EXE-2CCC1B4E.pf
Supprimé ! - H:\WINDOWS\Prefetch\69078.EXE-002D4FE1.pf
Supprimé ! - H:\WINDOWS\Prefetch\69828.EXE-0DE967C4.pf
Supprimé ! - H:\WINDOWS\Prefetch\65859.EXE-2B7AA28D.pf
Supprimé ! - H:\WINDOWS\Prefetch\59750.EXE-3942C62D.pf
Supprimé ! - H:\WINDOWS\Prefetch\85640.EXE-32325473.pf
Supprimé ! - H:\WINDOWS\Prefetch\88750.EXE-29058749.pf
Supprimé ! - H:\WINDOWS\Prefetch\WINTEMS.EXE-26D98C75.pf
Supprimé ! - H:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf
Supprimé ! - H:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf
Supprimé ! - H:\WINDOWS\Prefetch\MDELK.EXE-238AA5EF.pf

»»»» Suppression des fichiers dans H:\WINDOWS\system32

Supprimé ! - H:\WINDOWS\system32\ban_list.txt

»»»» Suppression des fichiers dans H:\WINDOWS\system32\drivers

Supprimé ! - H:\WINDOWS\system32\drivers\srosa.sys
Supprimé ! - H:\WINDOWS\system32\drivers\winfilse.exe

»»»» Suppression des fichiers dans H:\Documents and Settings\ALEXANDRA\Application Data


»»»» Suppression des fichiers dans H:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp


--------------- [ Registre / Clés infectieuses ] ----------------

Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Supprimé ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\nideiect
Supprimé ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\TuneUp_Utilities_2007_6.0.2311.0_(Crack)
Supprimé ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\winfilse

-> Certaines clés ont été supprimées au premier reboot ...

--------------- [ Etat / Redémarage des services ] ----------------

+- Mode sans echec restauré !

+- Affichage des fichiers cachés réparé !


+- Services : [ Auto=2 Demande=3 Désactivé=4 ]

Ndisuio - Type de démarrage = 3

EapHost - Type de démarrage = 2

Ip6Fw - Type de démarrage = 2

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2


--------------- [ Nettoyage des supports amovibles ] ----------------

+- Informations :

H: - Lecteur fixe


+- Suppression des fichiers :


--------------- [ Registre / Moutpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\open\Command

--------------- [ Recherche Cracks / Keygen ] ----------------



---------------- ! Fin du rapport ! ------------------

Bonjour, le fait d'etre passé à la phase 2 de FindyKill. a peut etre favorisé un leger déblocage car ce matin j'ai désintallé Hijackthis et reinstallé et voici le message d'erreurs :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:43:08, on 2008-10-31
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
H:\Program Files\Winamp\winampa.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\Program Files\Winamp Remote\bin\OrbTray.exe
H:\Program Files\Messenger\msmsgs.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\wbem\wmiapsrv.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\Program Files\Internet Explorer\IEXPLORE.EXE
h:\program files\winamp toolbar\WinampTbServer.exe
H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Windows Live Toolbar\msn_sl.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - H:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo R285 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "H:\WINDOWS\TEMP\E_S97.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Orb] "H:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Winamp Search - H:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7285 bytes
j'espère que ca vous aidera
Je vais tenter de faire la même manipulation avec l'antivirus
Bonne journée

Re, je pense qu'hier vous m'avez conseillé de faire une opération qui a débloqué car j'ai pu reinstallé l'antivirus et il a trouvé BAGLE et j'ai pu le mettre en quarantaine. Vraiment merci beaucoup.
Faut-il que je face autre chose?

Re par contre je ne peux pas installer flash media player existe-il un lien?
Bonne journée

Re,

[#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

Re,
Je l'ai installé mais je n'arrive pas à l'ouvrir

Tu as une erreur ?

conbofix has detected that this machine does not have the "windows recovery console" si je comprends bien il me conseille de l'installer et j'ai le message d'erreur suivant : la synthaxe de la commande est incorrecte

Même en mettant nan ?

IL me propose oui ou non

Tu as essayé avec non ?

Bonjour a tous,

J'ai exactement le même problème que vanille33.
Je viens de lire ce topic mais je ne sais pas dans quel ordre il faut telecharger les logiciels et faire les scans puisque vous en citez plusieurs.

Pouvez vous me donner la marche a suivre pour trouver et deloger ce virus qui est très ennuyeux?

Avast ne se lance pas (application Win32 non valide).
J'ai désinstaller avast pour installer un autre antivirus, mais une erreur intervient a chaque fois pour 2 antivirus différents.

Merci à l'avance pour votre aide.... le temps est contre moi en plus de ça  

Cordialement!

Chacun son sujet  

C'est le même sujet! Alors pas besoin d'épiloguer!

Cela dit grace aux conseils donnés à vanille33, j'ai pu résoudre le problème !

La solution : l'option 2 de Findykill !

Merci beaucoup!

Bon courage et bonne chasse vanilla33

Tchao

Bonjour Angeldark,
Pardon pour ce silence mais je suis partie en week-end !
Je n'ai pas tres bien compris l'intervention de l'autre internaute ???
J'ai faits comme tu m'as dit, j'ai cliqué sur non et voici le rapport :
ComboFix 08-11-01.06 - ALEXANDRA 2008-11-02 17:17:50.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2577 [GMT 1:00]
Lancé depuis: H:\Documents and Settings\ALEXANDRA\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

H:\WINDOWS\system32\dao350.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-02 au 2008-11-02 ))))))))))))))))))))))))))))))))))))
.

2008-10-31 16:20 . 2008-10-31 16:35 <REP> d-------- H:\Program Files\Radio Fr Solo
2008-10-31 16:20 . 2008-10-31 16:20 1,208 --a------ H:\WINDOWS\Radio_Fr.ini
2008-10-31 14:21 . 2008-10-31 14:21 <REP> d-------- H:\Program Files\TuneUp Utilities 2008
2008-10-31 14:21 . 2008-10-31 14:21 355,584 --a------ H:\WINDOWS\system32\TuneUpDefragService.exe
2008-10-31 14:21 . 2008-05-29 09:28 28,416 --a------ H:\WINDOWS\system32\uxtuneup.dll
2008-10-31 13:07 . 2008-10-31 13:07 <REP> d-------- H:\Program Files\Winamp Toolbar
2008-10-30 20:51 . 2008-10-30 20:51 <REP> d-------- H:\Program Files\Trend Micro
2008-10-26 08:21 . 2008-10-30 21:24 <REP> d-------- H:\Program Files\FindyKill
2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Program Files\Malwarebytes' Anti-Malware
2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Malwarebytes
2008-10-24 18:10 . 2008-10-22 15:10 38,496 --a------ H:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-24 18:10 . 2008-10-22 15:10 15,504 --a------ H:\WINDOWS\system32\drivers\mbam.sys
2008-10-24 10:40 . 2008-10-24 17:34 <REP> d-------- H:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-10-24 10:39 . 2008-10-31 13:07 <REP> d-------- H:\Program Files\Winamp
2008-10-24 10:39 . 2008-10-24 10:42 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Winamp
2008-10-24 10:36 . 2008-06-10 01:32 73,728 --a------ H:\WINDOWS\system32\javacpl.cpl
2008-10-19 16:10 . 2008-10-19 16:10 <REP> d-------- H:\Program Files\Micro Application
2008-10-19 16:09 . 2008-10-19 16:09 124 --a------ H:\WINDOWS\Navigma.INI
2008-10-17 09:47 . 2008-10-24 10:40 <REP> d-------- H:\Program Files\Winamp Remote
2008-10-17 09:47 . 2008-10-17 09:47 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Winamp Toolbar
2008-10-17 09:15 . 2008-10-17 09:17 <REP> d-------- H:\Program Files\VBW
2008-10-17 09:15 . 2008-10-17 09:15 <REP> d-------- H:\Program Files\Fichiers communs\Borland Shared
2008-10-17 09:15 . 1999-03-03 04:01 212,440 --a------ H:\WINDOWS\system32\DBCLIENT.DLL
2008-10-17 09:15 . 2001-05-10 16:00 184,320 --a------ H:\WINDOWS\system32\BDEADMIN.CPL
2008-10-17 09:08 . 2008-10-17 09:08 <REP> d-------- H:\HSF
2008-10-17 09:08 . 2008-10-17 09:11 0 --a------ H:\WINDOWS\WD.INI
2008-10-16 19:21 . 2008-08-14 14:23 2,191,232 -----c--- H:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-16 19:21 . 2008-08-14 14:23 2,147,328 -----c--- H:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-16 19:21 . 2008-08-14 14:23 2,068,096 -----c--- H:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-16 19:21 . 2008-08-14 14:23 2,025,984 -----c--- H:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-12 20:50 . 2008-10-12 20:50 <REP> d-------- H:\Program Files\SoftChris
2008-10-12 11:45 . 2008-10-16 19:52 151 --a------ H:\WINDOWS\PhotoSnapViewer.INI
2008-10-12 07:33 . 2008-10-12 07:34 <REP> d-------- H:\Program Files\Lavasoft
2008-10-12 07:33 . 2008-10-12 07:35 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Lavasoft
2008-10-12 05:32 . 2007-07-30 18:19 271,224 --a------ H:\WINDOWS\system32\mucltui.dll
2008-10-12 05:32 . 2007-07-30 18:19 207,736 --a------ H:\WINDOWS\system32\muweb.dll
2008-10-12 05:32 . 2007-07-30 18:18 30,072 --a------ H:\WINDOWS\system32\mucltui.dll.mui
2008-10-11 22:56 . 2008-10-11 22:56 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\EPSON
2008-10-11 17:55 . 2008-10-11 17:55 <REP> d-------- H:\Program Files\emme
2008-10-11 17:55 . 1997-04-17 21:40 254,976 --a------ H:\WINDOWS\system32\SMSEQ.DLL
2008-10-11 17:55 . 1998-09-22 14:15 195,856 --a------ H:\WINDOWS\system32\RICHTX32.OCX
2008-10-11 17:55 . 1997-02-27 00:00 192,272 --a------ H:\WINDOWS\system32\MCI32.OCX
2008-10-11 17:55 . 1997-02-27 00:00 94,992 --a------ H:\WINDOWS\system32\Vb5fr.dll
2008-10-11 17:55 . 2001-01-10 12:01 75,225 --a------ H:\WINDOWS\system32\picn1820.ssm
2008-10-11 17:55 . 1999-01-27 10:18 73,184 --a------ H:\WINDOWS\system32\DAO2535.TLB
2008-10-11 17:55 . 1997-06-13 16:05 57,344 --a------ H:\WINDOWS\system32\SMOOTHS.DLL
2008-10-11 17:55 . 2002-02-13 16:59 21,747 --a------ H:\WINDOWS\emme.wri
2008-10-11 17:55 . 1997-08-05 20:34 14,048 --a------ H:\WINDOWS\system32\SMOOTH16.DLL
2008-10-11 17:55 . 1998-11-06 10:59 10,720 --a------ H:\WINDOWS\system32\SCRLIB.DLL
2008-10-11 17:55 . 1995-09-14 13:21 9,984 --a------ H:\WINDOWS\system32\BTDESIGN.DLL
2008-10-11 17:15 . 2008-10-11 17:15 268 --ah----- H:\sqmdata02.sqm
2008-10-11 17:15 . 2008-10-11 17:15 244 --ah----- H:\sqmnoopt02.sqm
2008-10-11 17:05 . 2008-10-11 17:05 <REP> d-------- H:\Documents and Settings\All Users\Application Data\UDL
2008-10-11 17:04 . 2008-10-11 17:04 <REP> d-------- H:\Program Files\EPSON Print CD
2008-10-11 17:02 . 2008-10-11 17:02 <REP> d-------- H:\Documents and Settings\All Users\Application Data\EPSON
2008-10-11 17:02 . 2006-12-08 03:04 76,800 --a------ H:\WINDOWS\system32\E_FLBCKE.DLL
2008-10-11 17:02 . 2006-04-19 03:00 62,976 --a------ H:\WINDOWS\system32\E_FD4BCKE.DLL
2008-10-11 17:02 . 2004-09-10 21:12 49,152 --a------ H:\WINDOWS\system32\E_DCINST.DLL
2008-10-11 17:02 . 2008-04-13 10:47 25,856 --a------ H:\WINDOWS\system32\drivers\usbprint.sys
2008-10-11 17:02 . 2008-04-13 10:47 25,856 --a--c--- H:\WINDOWS\system32\dllcache\usbprint.sys
2008-10-11 17:00 . 2008-10-11 17:04 <REP> d-------- H:\Program Files\EPSON
2008-10-11 17:00 . 2008-10-11 17:00 41 --a------ H:\WINDOWS\CDER285DEFGIPS.ini
2008-10-11 14:02 . 2008-10-11 14:02 <REP> d-------- H:\Program Files\Versailles
2008-10-11 14:02 . 2008-10-11 14:02 <REP> d-------- H:\Documents and Settings\ALEXANDRA\WINDOWS
2008-10-11 14:02 . 1996-11-06 11:04 302,592 --a------ H:\WINDOWS\unin040c.exe
2008-10-11 14:02 . 2008-10-11 14:02 92 --a------ H:\WINDOWS\versaill.ini
2008-10-11 13:54 . 2008-10-11 13:54 268 --ah----- H:\sqmdata01.sqm
2008-10-11 13:54 . 2008-10-11 13:54 244 --ah----- H:\sqmnoopt01.sqm
2008-10-11 13:44 . 2008-10-11 13:44 268 --ah----- H:\sqmdata00.sqm
2008-10-11 13:44 . 2008-10-11 13:44 244 --ah----- H:\sqmnoopt00.sqm
2008-10-11 13:43 . 2008-10-11 13:52 41 --a------ H:\WINDOWS\iltwain.ini
2008-10-11 12:26 . 2008-10-11 12:26 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Media Player Classic
2008-10-11 11:55 . 2008-10-11 11:55 <REP> d-------- H:\Program Files\Microsoft SQL Server Compact Edition
2008-10-11 11:55 . 2006-11-29 12:06 3,426,072 --a------ H:\WINDOWS\system32\d3dx9_32.dll
2008-10-11 11:54 . 2008-10-11 11:54 <REP> d-------- H:\Program Files\Windows Live Favorites
2008-10-11 11:53 . 2008-10-11 11:54 <REP> d-------- H:\Program Files\Windows Live Toolbar
2008-10-11 11:52 . 2008-10-11 17:17 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Contacts
2008-10-11 11:51 . 2008-10-11 11:51 <REP> d----c--- H:\WINDOWS\system32\DRVSTORE
2008-10-11 11:46 . 2008-10-12 06:21 <REP> d-------- H:\Program Files\Windows Live
2008-10-11 11:46 . 2008-10-11 11:50 <REP> d--hsc--- H:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-10-11 11:46 . 2008-10-11 11:46 <REP> d-------- H:\Documents and Settings\All Users\Application Data\WLInstaller
2008-10-11 11:40 . 2008-10-11 11:40 <REP> d-------- H:\Program Files\GPLGS
2008-10-11 11:40 . 2008-10-11 11:40 <REP> d-------- H:\Program Files\Acro Software
2008-10-11 11:40 . 2007-07-12 21:33 87,552 --a------ H:\WINDOWS\system32\cpwmon2k.dll
2008-10-11 11:23 . 2008-10-11 11:23 <REP> d-------- H:\WINDOWS\system32\Adobe
2008-10-11 11:23 . 2001-11-14 19:19 16,384 --a------ H:\WINDOWS\system32\FileOps.exe
2008-10-11 11:08 . 2008-10-11 11:08 <REP> d-------- H:\Program Files\LimeWire
2008-10-11 11:08 . 2008-10-17 07:00 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Shared
2008-10-11 11:08 . 2008-10-17 22:08 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Incomplete
2008-10-11 11:08 . 2008-10-11 11:42 <REP> d-------- H:\Documents and Settings\ALEXANDRA\.limewire
2008-10-11 11:06 . 2008-10-31 16:46 <REP> d-------- H:\Program Files\eMule
2008-10-11 10:59 . 2008-10-11 12:53 <REP> d-------- H:\WINDOWS\SxsCaPendDel
2008-10-11 10:58 . 2008-10-11 10:58 0 --a------ H:\WINDOWS\nsreg.dat
2008-10-11 10:40 . 2008-10-11 10:40 <REP> d-------- H:\WINDOWS\system\color
2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\Fichiers communs\FotoWire
2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\AGFAnet
2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\Agfa
2008-10-11 10:37 . 1998-11-13 11:16 308,224 --a------ H:\WINDOWS\IsUn040c.exe
2008-10-11 10:32 . 2000-06-29 09:00 36,864 -ra------ H:\WINDOWS\system32\agusbsti.dll
2008-10-11 10:32 . 2000-11-16 10:56 32,768 -ra------ H:\WINDOWS\system32\Snape25.bin
2008-10-11 10:32 . 2008-04-13 10:45 15,104 --a------ H:\WINDOWS\system32\drivers\usbscan.sys
2008-10-11 10:32 . 2008-04-13 10:45 15,104 --a--c--- H:\WINDOWS\system32\dllcache\usbscan.sys
2008-10-11 10:03 . 2008-04-13 18:33 221,184 --a------ H:\WINDOWS\system32\wmpns.dll
2008-10-11 10:02 . 2008-10-19 15:28 116 --a------ H:\WINDOWS\NeroDigital.ini
2008-10-11 10:00 . 2008-10-03 18:12 6,066,176 -----c--- H:\WINDOWS\system32\dllcache\ieframe.dll
2008-10-11 10:00 . 2007-04-17 10:32 2,455,488 -----c--- H:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-10-11 10:00 . 2007-03-08 06:10 1,048,576 -----c--- H:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-10-11 10:00 . 2008-08-26 09:11 459,264 -----c--- H:\WINDOWS\system32\dllcache\msfeeds.dll
2008-10-11 10:00 . 2008-08-26 09:11 383,488 -----c--- H:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-10-11 10:00 . 2008-08-26 09:11 267,776 -----c--- H:\WINDOWS\system32\dllcache\iertutil.dll
2008-10-11 10:00 . 2008-08-26 09:11 63,488 -----c--- H:\WINDOWS\system32\dllcache\icardie.dll
2008-10-11 10:00 . 2008-08-26 09:11 52,224 -----c--- H:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-10-11 10:00 . 2008-08-25 09:38 13,824 -----c--- H:\WINDOWS\system32\dllcache\ieudinit.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-31 13:32 --------- d-----w H:\Program Files\Fichiers communs\Wise Installation Wizard
2008-10-24 09:36 --------- d-----w H:\Program Files\Java

Merci et bonne soirée

pardon il n'est pas en entier :
ComboFix 08-11-01.06 - ALEXANDRA 2008-11-02 17:17:50.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2577 [GMT 1:00]
Lancé depuis: H:\Documents and Settings\ALEXANDRA\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

H:\WINDOWS\system32\dao350.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-02 au 2008-11-02 ))))))))))))))))))))))))))))))))))))
.

2008-10-31 16:20 . 2008-10-31 16:35 <REP> d-------- H:\Program Files\Radio Fr Solo
2008-10-31 16:20 . 2008-10-31 16:20 1,208 --a------ H:\WINDOWS\Radio_Fr.ini
2008-10-31 14:21 . 2008-10-31 14:21 <REP> d-------- H:\Program Files\TuneUp Utilities 2008
2008-10-31 14:21 . 2008-10-31 14:21 355,584 --a------ H:\WINDOWS\system32\TuneUpDefragService.exe
2008-10-31 14:21 . 2008-05-29 09:28 28,416 --a------ H:\WINDOWS\system32\uxtuneup.dll
2008-10-31 13:07 . 2008-10-31 13:07 <REP> d-------- H:\Program Files\Winamp Toolbar
2008-10-30 20:51 . 2008-10-30 20:51 <REP> d-------- H:\Program Files\Trend Micro
2008-10-26 08:21 . 2008-10-30 21:24 <REP> d-------- H:\Program Files\FindyKill
2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Program Files\Malwarebytes' Anti-Malware
2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Malwarebytes
2008-10-24 18:10 . 2008-10-22 15:10 38,496 --a------ H:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-24 18:10 . 2008-10-22 15:10 15,504 --a------ H:\WINDOWS\system32\drivers\mbam.sys
2008-10-24 10:40 . 2008-10-24 17:34 <REP> d-------- H:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-10-24 10:39 . 2008-10-31 13:07 <REP> d-------- H:\Program Files\Winamp
2008-10-24 10:39 . 2008-10-24 10:42 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Winamp
2008-10-24 10:36 . 2008-06-10 01:32 73,728 --a------ H:\WINDOWS\system32\javacpl.cpl
2008-10-19 16:10 . 2008-10-19 16:10 <REP> d-------- H:\Program Files\Micro Application
2008-10-19 16:09 . 2008-10-19 16:09 124 --a------ H:\WINDOWS\Navigma.INI
2008-10-17 09:47 . 2008-10-24 10:40 <REP> d-------- H:\Program Files\Winamp Remote
2008-10-17 09:47 . 2008-10-17 09:47 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Winamp Toolbar
2008-10-17 09:15 . 2008-10-17 09:17 <REP> d-------- H:\Program Files\VBW
2008-10-17 09:15 . 2008-10-17 09:15 <REP> d-------- H:\Program Files\Fichiers communs\Borland Shared
2008-10-17 09:15 . 1999-03-03 04:01 212,440 --a------ H:\WINDOWS\system32\DBCLIENT.DLL
2008-10-17 09:15 . 2001-05-10 16:00 184,320 --a------ H:\WINDOWS\system32\BDEADMIN.CPL
2008-10-17 09:08 . 2008-10-17 09:08 <REP> d-------- H:\HSF
2008-10-17 09:08 . 2008-10-17 09:11 0 --a------ H:\WINDOWS\WD.INI
2008-10-16 19:21 . 2008-08-14 14:23 2,191,232 -----c--- H:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-16 19:21 . 2008-08-14 14:23 2,147,328 -----c--- H:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-16 19:21 . 2008-08-14 14:23 2,068,096 -----c--- H:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-16 19:21 . 2008-08-14 14:23 2,025,984 -----c--- H:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-12 20:50 . 2008-10-12 20:50 <REP> d-------- H:\Program Files\SoftChris
2008-10-12 11:45 . 2008-10-16 19:52 151 --a------ H:\WINDOWS\PhotoSnapViewer.INI
2008-10-12 07:33 . 2008-10-12 07:34 <REP> d-------- H:\Program Files\Lavasoft
2008-10-12 07:33 . 2008-10-12 07:35 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Lavasoft
2008-10-12 05:32 . 2007-07-30 18:19 271,224 --a------ H:\WINDOWS\system32\mucltui.dll
2008-10-12 05:32 . 2007-07-30 18:19 207,736 --a------ H:\WINDOWS\system32\muweb.dll
2008-10-12 05:32 . 2007-07-30 18:18 30,072 --a------ H:\WINDOWS\system32\mucltui.dll.mui
2008-10-11 22:56 . 2008-10-11 22:56 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\EPSON
2008-10-11 17:55 . 2008-10-11 17:55 <REP> d-------- H:\Program Files\emme
2008-10-11 17:55 . 1997-04-17 21:40 254,976 --a------ H:\WINDOWS\system32\SMSEQ.DLL
2008-10-11 17:55 . 1998-09-22 14:15 195,856 --a------ H:\WINDOWS\system32\RICHTX32.OCX
2008-10-11 17:55 . 1997-02-27 00:00 192,272 --a------ H:\WINDOWS\system32\MCI32.OCX
2008-10-11 17:55 . 1997-02-27 00:00 94,992 --a------ H:\WINDOWS\system32\Vb5fr.dll
2008-10-11 17:55 . 2001-01-10 12:01 75,225 --a------ H:\WINDOWS\system32\picn1820.ssm
2008-10-11 17:55 . 1999-01-27 10:18 73,184 --a------ H:\WINDOWS\system32\DAO2535.TLB
2008-10-11 17:55 . 1997-06-13 16:05 57,344 --a------ H:\WINDOWS\system32\SMOOTHS.DLL
2008-10-11 17:55 . 2002-02-13 16:59 21,747 --a------ H:\WINDOWS\emme.wri
2008-10-11 17:55 . 1997-08-05 20:34 14,048 --a------ H:\WINDOWS\system32\SMOOTH16.DLL
2008-10-11 17:55 . 1998-11-06 10:59 10,720 --a------ H:\WINDOWS\system32\SCRLIB.DLL
2008-10-11 17:55 . 1995-09-14 13:21 9,984 --a------ H:\WINDOWS\system32\BTDESIGN.DLL
2008-10-11 17:15 . 2008-10-11 17:15 268 --ah----- H:\sqmdata02.sqm
2008-10-11 17:15 . 2008-10-11 17:15 244 --ah----- H:\sqmnoopt02.sqm
2008-10-11 17:05 . 2008-10-11 17:05 <REP> d-------- H:\Documents and Settings\All Users\Application Data\UDL
2008-10-11 17:04 . 2008-10-11 17:04 <REP> d-------- H:\Program Files\EPSON Print CD
2008-10-11 17:02 . 2008-10-11 17:02 <REP> d-------- H:\Documents and Settings\All Users\Application Data\EPSON
2008-10-11 17:02 . 2006-12-08 03:04 76,800 --a------ H:\WINDOWS\system32\E_FLBCKE.DLL
2008-10-11 17:02 . 2006-04-19 03:00 62,976 --a------ H:\WINDOWS\system32\E_FD4BCKE.DLL
2008-10-11 17:02 . 2004-09-10 21:12 49,152 --a------ H:\WINDOWS\system32\E_DCINST.DLL
2008-10-11 17:02 . 2008-04-13 10:47 25,856 --a------ H:\WINDOWS\system32\drivers\usbprint.sys
2008-10-11 17:02 . 2008-04-13 10:47 25,856 --a--c--- H:\WINDOWS\system32\dllcache\usbprint.sys
2008-10-11 17:00 . 2008-10-11 17:04 <REP> d-------- H:\Program Files\EPSON
2008-10-11 17:00 . 2008-10-11 17:00 41 --a------ H:\WINDOWS\CDER285DEFGIPS.ini
2008-10-11 14:02 . 2008-10-11 14:02 <REP> d-------- H:\Program Files\Versailles
2008-10-11 14:02 . 2008-10-11 14:02 <REP> d-------- H:\Documents and Settings\ALEXANDRA\WINDOWS
2008-10-11 14:02 . 1996-11-06 11:04 302,592 --a------ H:\WINDOWS\unin040c.exe
2008-10-11 14:02 . 2008-10-11 14:02 92 --a------ H:\WINDOWS\versaill.ini
2008-10-11 13:54 . 2008-10-11 13:54 268 --ah----- H:\sqmdata01.sqm
2008-10-11 13:54 . 2008-10-11 13:54 244 --ah----- H:\sqmnoopt01.sqm
2008-10-11 13:44 . 2008-10-11 13:44 268 --ah----- H:\sqmdata00.sqm
2008-10-11 13:44 . 2008-10-11 13:44 244 --ah----- H:\sqmnoopt00.sqm
2008-10-11 13:43 . 2008-10-11 13:52 41 --a------ H:\WINDOWS\iltwain.ini
2008-10-11 12:26 . 2008-10-11 12:26 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Media Player Classic
2008-10-11 11:55 . 2008-10-11 11:55 <REP> d-------- H:\Program Files\Microsoft SQL Server Compact Edition
2008-10-11 11:55 . 2006-11-29 12:06 3,426,072 --a------ H:\WINDOWS\system32\d3dx9_32.dll
2008-10-11 11:54 . 2008-10-11 11:54 <REP> d-------- H:\Program Files\Windows Live Favorites
2008-10-11 11:53 . 2008-10-11 11:54 <REP> d-------- H:\Program Files\Windows Live Toolbar
2008-10-11 11:52 . 2008-10-11 17:17 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Contacts
2008-10-11 11:51 . 2008-10-11 11:51 <REP> d----c--- H:\WINDOWS\system32\DRVSTORE
2008-10-11 11:46 . 2008-10-12 06:21 <REP> d-------- H:\Program Files\Windows Live
2008-10-11 11:46 . 2008-10-11 11:50 <REP> d--hsc--- H:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-10-11 11:46 . 2008-10-11 11:46 <REP> d-------- H:\Documents and Settings\All Users\Application Data\WLInstaller
2008-10-11 11:40 . 2008-10-11 11:40 <REP> d-------- H:\Program Files\GPLGS
2008-10-11 11:40 . 2008-10-11 11:40 <REP> d-------- H:\Program Files\Acro Software
2008-10-11 11:40 . 2007-07-12 21:33 87,552 --a------ H:\WINDOWS\system32\cpwmon2k.dll
2008-10-11 11:23 . 2008-10-11 11:23 <REP> d-------- H:\WINDOWS\system32\Adobe
2008-10-11 11:23 . 2001-11-14 19:19 16,384 --a------ H:\WINDOWS\system32\FileOps.exe
2008-10-11 11:08 . 2008-10-11 11:08 <REP> d-------- H:\Program Files\LimeWire
2008-10-11 11:08 . 2008-10-17 07:00 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Shared
2008-10-11 11:08 . 2008-10-17 22:08 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Incomplete
2008-10-11 11:08 . 2008-10-11 11:42 <REP> d-------- H:\Documents and Settings\ALEXANDRA\.limewire
2008-10-11 11:06 . 2008-10-31 16:46 <REP> d-------- H:\Program Files\eMule
2008-10-11 10:59 . 2008-10-11 12:53 <REP> d-------- H:\WINDOWS\SxsCaPendDel
2008-10-11 10:58 . 2008-10-11 10:58 0 --a------ H:\WINDOWS\nsreg.dat
2008-10-11 10:40 . 2008-10-11 10:40 <REP> d-------- H:\WINDOWS\system\color
2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\Fichiers communs\FotoWire
2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\AGFAnet
2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\Agfa
2008-10-11 10:37 . 1998-11-13 11:16 308,224 --a------ H:\WINDOWS\IsUn040c.exe
2008-10-11 10:32 . 2000-06-29 09:00 36,864 -ra------ H:\WINDOWS\system32\agusbsti.dll
2008-10-11 10:32 . 2000-11-16 10:56 32,768 -ra------ H:\WINDOWS\system32\Snape25.bin
2008-10-11 10:32 . 2008-04-13 10:45 15,104 --a------ H:\WINDOWS\system32\drivers\usbscan.sys
2008-10-11 10:32 . 2008-04-13 10:45 15,104 --a--c--- H:\WINDOWS\system32\dllcache\usbscan.sys
2008-10-11 10:03 . 2008-04-13 18:33 221,184 --a------ H:\WINDOWS\system32\wmpns.dll
2008-10-11 10:02 . 2008-10-19 15:28 116 --a------ H:\WINDOWS\NeroDigital.ini
2008-10-11 10:00 . 2008-10-03 18:12 6,066,176 -----c--- H:\WINDOWS\system32\dllcache\ieframe.dll
2008-10-11 10:00 . 2007-04-17 10:32 2,455,488 -----c--- H:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-10-11 10:00 . 2007-03-08 06:10 1,048,576 -----c--- H:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-10-11 10:00 . 2008-08-26 09:11 459,264 -----c--- H:\WINDOWS\system32\dllcache\msfeeds.dll
2008-10-11 10:00 . 2008-08-26 09:11 383,488 -----c--- H:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-10-11 10:00 . 2008-08-26 09:11 267,776 -----c--- H:\WINDOWS\system32\dllcache\iertutil.dll
2008-10-11 10:00 . 2008-08-26 09:11 63,488 -----c--- H:\WINDOWS\system32\dllcache\icardie.dll
2008-10-11 10:00 . 2008-08-26 09:11 52,224 -----c--- H:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-10-11 10:00 . 2008-08-25 09:38 13,824 -----c--- H:\WINDOWS\system32\dllcache\ieudinit.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-31 13:32 --------- d-----w H:\Program Files\Fichiers communs\Wise Installation Wizard
2008-10-24 09:36 --------- d-----w H:\Program Files\Java
2008-10-19 15:10 --------- d--h--w H:\Program Files\InstallShield Installation Information
2008-10-12 01:01 --------- d-----w H:\Program Files\Microsoft Works
2008-10-11 16:05 --------- d-----w H:\Program Files\Fichiers communs\InstallShield
2008-10-11 10:23 --------- d-----w H:\Program Files\Fichiers communs\Adobe
2008-10-11 09:03 --------- d-----w H:\Documents and Settings\ALEXANDRA\Application Data\Ahead
2008-10-10 16:43 --------- d-----w H:\Program Files\NVIDIA Corporation
2008-10-10 16:41 --------- d-----w H:\Program Files\MSI
2008-10-10 16:37 315,392 ----a-w H:\WINDOWS\HideWin.exe
2008-10-10 16:37 --------- d-----w H:\Program Files\Realtek
2008-10-10 16:35 --------- d-----w H:\Documents and Settings\ALEXANDRA\Application Data\InstallShield
2008-10-10 16:27 --------- d-----w H:\Program Files\microsoft frontpage
2008-10-10 16:26 --------- d-----w H:\Program Files\Services en ligne
2008-10-10 12:45 --------- d-----w H:\Program Files\Alwil Software
2008-10-10 12:08 --------- d-----w H:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-10-10 11:32 --------- d-----w H:\Program Files\Nero
2008-10-10 11:32 --------- d-----w H:\Program Files\Fichiers communs\Ahead
2008-10-10 11:31 --------- d-----w H:\Program Files\Yahoo!
2008-10-10 11:26 --------- d-----w H:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-10-10 11:26 --------- d-----w H:\Documents and Settings\ALEXANDRA\Application Data\TuneUp Software
2008-10-10 11:16 155,995 ----a-w H:\WINDOWS\java\Packages\EC89NJPV.ZIP
2008-10-10 11:16 --------- d-----w H:\Program Files\Fichiers communs\Java
2008-10-10 11:15 --------- d-----w H:\Program Files\K-Lite Codec Pack
2008-10-10 11:15 --------- d-----w H:\Documents and Settings\All Users\Application Data\Apple Computer
2008-10-10 11:10 --------- d-----w H:\Program Files\Microsoft.NET
2008-09-15 15:26 1,846,528 ----a-w H:\WINDOWS\system32\win32k.sys
2008-09-08 10:41 333,824 ----a-w H:\WINDOWS\system32\drivers\srv.sys
2008-08-26 08:11 826,368 ----a-w H:\WINDOWS\system32\wininet.dll
2008-08-14 13:23 2,147,328 ----a-w H:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:23 2,025,984 ----a-w H:\WINDOWS\system32\ntkrnlpa.exe
2000-10-23 08:37 122,880 ----a-r H:\WINDOWS\inf\AGFA\Message.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "H:\Program Files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="H:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"MsnMsgr"="H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"EPSON Stylus Photo R285 Series"="H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE" [2007-04-13 182272]
"Orb"="H:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904]
"MSMSGS"="H:\Program Files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroFilterCheck"="H:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"NvCplDaemon"="H:\WINDOWS\system32\NvCpl.dll" [2007-10-04 8491008]
"Adobe Reader Speed Launcher"="H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"WinampAgent"="H:\Program Files\Winamp\winampa.exe" [2008-08-04 36352]
"avast!"="H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="H:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 15360]

H:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - H:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-10-11 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.3iv2"= 3ivxVfWCodec.dll
"VIDC.VP31"= vp31vfw.dll
"msacm.l3fhg"= mp3fhg.acm

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"NVIDIA nTune"="H:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="H:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RTHDCPL"=RTHDCPL.EXE
"NvCplDaemon"=RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
"NvMediaCenter"=RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"LiveMonitor"=H:\Program Files\MSI\Live Update 3\LMonitor.exe
"Alcmtr"=ALCMTR.EXE
"Adobe Reader Speed Launcher"="H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"nwiz"=nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"H:\\WINDOWS\\system32\\dpvsetup.exe"=
"H:\\Program Files\\eMule\\emule.exe"=
"H:\\Program Files\\LimeWire\\LimeWire.exe"=
"H:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"H:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"H:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"H:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"H:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"H:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"=

R1 aswSP;avast! Self Protection;H:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;H:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 UxTuneUp;TuneUp Extension de thème;H:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R3 usbstor;Pilote de stockage de masse USB;H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 NVHDA;Service for NVIDIA HDMI Audio Driver;H:\WINDOWS\system32\drivers\nvhda32.sys [2007-07-16 26272]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;H:\WINDOWS\System32\TuneUpDefragService.exe [2008-10-31 355584]
S3 usbscan;Pilote de scanneur USB;H:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'

2008-11-02 H:\WINDOWS\Tasks\Maintenance en 1 clic.job
- H:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]

2008-10-31 H:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- H:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - H:\Documents and Settings\ALEXANDRA\Application Data\Mozilla\Firefox\Profiles\a5alt4x7.default\
FF -: plugin - H:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - H:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-02 17:18:56
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-11-02 17:19:30
ComboFix-quarantined-files.txt 2008-11-02 16:19:27

Avant-CF: 221,921,693,696 octets libres
Après-CF: 221,967,294,464 octets libres

258 --- E O F --- 2008-10-24 16:33:16

Ton pc se comporte mieux ?

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

Re,
u faut il que je telecharge antivir?

apres plusieurs essais je suis arrivée à l'installer, voici le rapport :
02.11.2008 19:35:58 - Installation Directory: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
02.11.2008 19:35:58 - Backup Directory: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
02.11.2008 19:35:58 - Temp Directory: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\
02.11.2008 19:35:58 - Using System's global Proxy settings
02.11.2008 19:35:58 - Launching GUI... display mode: 0
02.11.2008 19:35:58 - selftest successful: H:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
02.11.2008 19:35:58 - selftest successful: H:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
02.11.2008 19:35:58 - Installation Directory: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
02.11.2008 19:35:58 - Backup Directory: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
02.11.2008 19:35:58 - Temp Directory: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\
02.11.2008 19:35:58 - Using System's global Proxy settings
02.11.2008 19:35:58 - Launching GUI... display mode: 0
02.11.2008 19:35:58 - selftest successful: H:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
02.11.2008 19:35:58 - selftest successful: H:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
02.11.2008 19:35:58 - Avira AntiVir Personal - Free Antivirus
02.11.2008 19:35:59 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\idx/master.idx to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\master.idx
02.11.2008 19:35:59 - Master IDX file has changed
02.11.2008 19:35:59 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/classic-nt-en.info.gz
02.11.2008 19:36:00 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\classic-nt-en.info to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\classic-nt-en.info
02.11.2008 19:36:00 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/vdf.info.gz
02.11.2008 19:36:00 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/specvir-nt.info.gz
02.11.2008 19:36:01 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/ave2.info.gz
02.11.2008 19:36:01 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/info-wks-classic-nt-en.in...
02.11.2008 19:36:02 - Module: SELFUPDATE Source: winwks\en\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
02.11.2008 19:36:02 - Module: MAIN Source: winwks\en\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 83
02.11.2008 19:36:02 - Module: COMMAPPDATA_AV Source: winwks\en\ Destination: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\ Files: 1
02.11.2008 19:36:02 - Module: COMMAPP Source: winwks\en\ Destination: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\JOBS\ Files: 4
02.11.2008 19:36:02 - Module: COMMAPDATA_AV_PROFILES Source: winwks\en\ Destination: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\ Files: 2
02.11.2008 19:36:02 - Module: TEXT Source: winwks\en\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
02.11.2008 19:36:02 - Module: VDF Source: vdf\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf 6.40.0.0 < 7.1.0.0
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf 7.0.5.1 < 7.1.0.21
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.5.20 < 7.1.0.22
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.5.23 < 7.1.0.27
02.11.2008 19:36:02 - Module: AVREP_NT Source: engine\nt\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll 7.0.0.1 < 8.0.0.2
02.11.2008 19:36:02 - Module: AVE2 Source: ave2\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 14
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll 8.1.2.6 < 8.1.2.9
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll 8.1.0.41 < 8.1.0.42
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll 8.1.0.59 < 8.1.0.63
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll 8.1.0.28 < 8.1.0.29
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll 8.1.1.8 < 8.1.1.9
02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat 8.2.0.4 < 8.2.0.10
02.11.2008 19:36:02 - Module: DRV Source: winwks\en\ Destination: H:\WINDOWS\SYSTEM32\drivers\ Files: 4
02.11.2008 19:36:02 - Module: PRODINFO Source: winwks\en\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
02.11.2008 19:36:02 - Minifilter is installed
02.11.2008 19:36:02 - Minifilter is possible
02.11.2008 19:36:02 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType
02.11.2008 19:36:03 - Initialize avnotify.exe
02.11.2008 19:36:03 - Starting avnotify.exe successful
02.11.2008 19:36:03 - Preparing to download files
02.11.2008 19:36:03 - 13 files need to be downloaded / copied from http://dl2.avgate.net/upd/
02.11.2008 19:36:03 - #1: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/classic-nt/filelist... to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\winwks\en\classic-nt/filelist.ini
02.11.2008 19:36:03 - #2: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/classic-nt/product.... to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\winwks\en\classic-nt/product.ini
02.11.2008 19:36:04 - #3: Downloading and extracting http://dl2.avgate.net/upd/vdf/antivir0.vdf.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir0.vdf
02.11.2008 19:36:50 - #4: Downloading and extracting http://dl2.avgate.net/upd/vdf/antivir1.vdf.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir1.vdf
02.11.2008 19:36:51 - #5: Downloading and extracting http://dl2.avgate.net/upd/vdf/antivir2.vdf.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir2.vdf
02.11.2008 19:36:52 - #6: Downloading and extracting http://dl2.avgate.net/upd/vdf/antivir3.vdf.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir3.vdf
02.11.2008 19:36:52 - #7: Downloading and extracting http://dl2.avgate.net/upd/engine/nt/avrep.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\engine\nt\avrep.dll
02.11.2008 19:36:53 - #8: Downloading and extracting http://dl2.avgate.net/upd/ave2/aecore.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aecore.dll
02.11.2008 19:36:53 - #9: Downloading and extracting http://dl2.avgate.net/upd/ave2/aegen.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aegen.dll
02.11.2008 19:36:54 - #10: Downloading and extracting http://dl2.avgate.net/upd/ave2/aeheur.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeheur.dll
02.11.2008 19:36:56 - #11: Downloading and extracting http://dl2.avgate.net/upd/ave2/aeoffice.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeoffice.dll
02.11.2008 19:36:57 - #12: Downloading and extracting http://dl2.avgate.net/upd/ave2/aescript.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aescript.dll
02.11.2008 19:36:58 - #13: Downloading and extracting http://dl2.avgate.net/upd/ave2/aeset.dat.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeset.dat
02.11.2008 19:37:03 - Keyfile: OK [FULL Mode]
02.11.2008 19:37:03 - Status of service AntiVirService is running
02.11.2008 19:37:03 - Initialize avscan.exe
02.11.2008 19:37:03 - Initialize avcenter.exe
02.11.2008 19:37:03 - Initialize avgnt.exe
02.11.2008 19:37:03 - avscan.exe closed.
02.11.2008 19:37:04 - avgnt.exe closed.
02.11.2008 19:37:04 - Starting to install
02.11.2008 19:37:04 - File H:\Program Files\Avira\AntiVir PersonalEdition Classic\filelist.ini will not be backed up because it doesn't exist
02.11.2008 19:37:04 - File H:\Program Files\Avira\AntiVir PersonalEdition Classic\product.ini will not be backed up because it doesn't exist
02.11.2008 19:37:04 - Processing module MAIN Source: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\winwks\en\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
02.11.2008 19:37:04 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\winwks\en\classic-nt/filelist.ini to H:\Program Files\Avira\AntiVir PersonalEdition Classic\filelist.ini
02.11.2008 19:37:04 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\winwks\en\classic-nt/product.ini to H:\Program Files\Avira\AntiVir PersonalEdition Classic\product.ini
02.11.2008 19:37:04 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir0.vdf
02.11.2008 19:37:04 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir1.vdf
02.11.2008 19:37:04 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir2.vdf
02.11.2008 19:37:04 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir3.vdf
02.11.2008 19:37:04 - Processing module VDF Source: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
02.11.2008 19:37:05 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir0.vdf to H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf
02.11.2008 19:37:05 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir1.vdf to H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf
02.11.2008 19:37:05 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir2.vdf to H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf
02.11.2008 19:37:05 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir3.vdf to H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf
02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\avrep.dll
02.11.2008 19:37:05 - Processing module AVREP_NT Source: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\engine\nt\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
02.11.2008 19:37:05 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\engine\nt\avrep.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll
02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aecore.dll
02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aegen.dll
02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeheur.dll
02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeoffice.dll
02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aescript.dll
02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeset.dat
02.11.2008 19:37:05 - Processing module AVE2 Source: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
02.11.2008 19:37:06 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aecore.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll
02.11.2008 19:37:07 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aegen.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll
02.11.2008 19:37:08 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeheur.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll
02.11.2008 19:37:09 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeoffice.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll
02.11.2008 19:37:10 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aescript.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll
02.11.2008 19:37:10 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeset.dat to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat
02.11.2008 19:37:10 - A total of 13 files were updated
02.11.2008 19:37:10 - Initialize AVWSC.EXE
02.11.2008 19:37:10 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress
02.11.2008 19:37:10 - Status of service AntiVirService is running
02.11.2008 19:37:11 - Reinitialization of AntiVirService carried out successfully.
02.11.2008 19:37:11 - Starting avgnt.exe successful
02.11.2008 19:37:11 - Dialup: 0
02.11.2008 19:37:11 - Downloaded bytes: 16897069
02.11.2008 19:37:11 - Downloaded file(s): 13
02.11.2008 19:37:11 - Downloaded file(s): filelist.ini; product.ini; antivir0.vdf; antivir1.vdf; antivir2.vdf; antivir3.vdf; avrep.dll; aecore.dll; aegen.dll; aeheur.dll
02.11.2008 19:37:11 - Downloaded file(s): aeoffice.dll; aescript.dll; aeset.dat
02.11.2008 19:37:11 - Required time: 01:13
02.11.2008 19:37:11 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate
02.11.2008 19:37:12 - Update finished successfully

Re et bon appétit !
je viens de faire un nouveau scan de antivir
Avira AntiVir Personal
Report file date: 2 novembre 2008 20:05

Scanning for 1002747 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: ALEXANDRA
Computer name: WINXPSP3

Version information:
BUILD.DAT : 8.2.0.334 16933 Bytes 2008-10-16 14:55:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008-10-27 18:36:50
ANTIVIR1.VDF : 7.1.0.21 130560 Bytes 2008-10-31 18:36:51
ANTIVIR2.VDF : 7.1.0.22 2048 Bytes 2008-10-31 18:36:52
ANTIVIR3.VDF : 7.1.0.27 30208 Bytes 2008-11-02 18:36:52
Engineversion : 8.2.0.10
AEVDF.DLL : 8.1.0.6 102772 Bytes 2008-10-14 11:05:56
AESCRIPT.DLL : 8.1.1.9 319867 Bytes 2008-11-02 18:36:58
AESCN.DLL : 8.1.1.3 123252 Bytes 2008-10-14 11:05:56
AERDL.DLL : 8.1.1.2 438644 Bytes 2008-09-12 07:06:02
AEPACK.DLL : 8.1.2.4 369014 Bytes 2008-10-14 11:05:56
AEOFFICE.DLL : 8.1.0.29 196988 Bytes 2008-11-02 18:36:57
AEHEUR.DLL : 8.1.0.63 1479032 Bytes 2008-11-02 18:36:56
AEHELP.DLL : 8.1.1.2 115062 Bytes 2008-10-14 11:05:56
AEGEN.DLL : 8.1.0.42 319861 Bytes 2008-11-02 18:36:54
AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-14 11:05:56
AECORE.DLL : 8.1.2.9 172407 Bytes 2008-11-02 18:36:53
AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-14 11:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-11-02 18:36:53
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 14:34:37

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: h:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: H:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2 novembre 2008 20:05

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'winampTbServer.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'nTuneService.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'OrbTray.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
36 processes with 36 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'H:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '53' files ).


Starting the file scan:

Begin scan in 'H:\'
H:\pagefile.sys
[WARNING] The file could not be opened!
H:\Avenger\m\shared\404 : Page is Not Found ? Now it will be! 1.1.zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4941fa6b.qua'!
H:\Avenger\m\shared\7tools_Partition_Manager_2005_6.02.01.zip
[0] Archive type: ZIP
--> key_generator.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '497cfab2.qua'!
H:\Avenger\m\shared\abcAVI_Tag_Editor_1.8.1.129.zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4970faa2.qua'!
H:\Avenger\m\shared\Advanced_Page_Rank_Analyzer_2.0_[Crack].zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4983faa6.qua'!
H:\Avenger\m\shared\AJet_3.zip
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4972fa90.qua'!
H:\Avenger\m\shared\All_Stats_Hockey_Coach_6.0.zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4979fac1.qua'!
H:\Avenger\m\shared\Altdo_Convert_MP3_Master_2.1.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4981fafa.qua'!
H:\Avenger\m\shared\Apple_FireWire_Drivers_2.5.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[WARNING] The file was ignored!
H:\Avenger\m\shared\Asf_Seek_Maker_1.5_KeyGen.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4973fb08.qua'!
H:\Avenger\m\shared\AtleX CPU Speed 1.0.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4979fb0b.qua'!
H:\Avenger\m\shared\Autumn Leaves Fall Foliage Collection 2.0.zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[WARNING] The file was ignored!
H:\Avenger\m\shared\Avast.Pro.v4.7.871.Incl.Keymaker-CORE.czip.zip
[0] Archive type: ZIP
--> crac.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '496efb13.qua'!
H:\Avenger\m\shared\A_Haunted_Halloween_ScreenSaver_1.00.zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was deleted!
H:\Avenger\m\shared\Backup2Net_1.1.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[WARNING] The file was ignored!
H:\Avenger\m\shared\BatteryMon_2.1_Build_1000_Cracked.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4981fb09.qua'!
H:\Avenger\m\shared\Beautiful Britain winter screensaver 1.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was renamed to 'Beautiful Britain winter screensaver 1.zip.VIR'!
H:\Avenger\m\shared\Beyond_Media_1.0_Key.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[WARNING] The file was ignored!
H:\Avenger\m\shared\BFG_Chat_Client_1.17.zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4954fb08.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Bid-n-Invoice Basic Invoice 2.1.zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4971fb31.qua'!
H:\Avenger\m\shared\Butterfly Jungle 3D Screensaver 1.0.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was moved to '4981fb41.qua'!
H:\Avenger\m\shared\Car_Logbook_2.3.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497ffb33.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Chronilist 5.9.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497ffb3f.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Claves.Bitdefender.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '496efb4e.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Copy+ 2.01.01.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497dfb58.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\CryptoSystem Personal 1.2.zip
[0] Archive type: ZIP
--> crac.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4986fb62.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Custom Shapes Pack 12 'Torus' 1.0.0 Patch.zip
[0] Archive type: ZIP
--> crac.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was deleted!
H:\Avenger\m\shared\Data Export - DB22DBF 1.0.zip
[0] Archive type: ZIP
--> key_generator.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4981fb5f.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\DB-HTML_Converter_PRO_1.4.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '493afb45.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Demo Builder 6.00.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497afb71.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Desktop FLV Player 1.0.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4980fb76.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Desktop Organizer & Arranger 1.1.7.zip
[0] Archive type: ZIP
--> crac.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4980fb7c.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Digital Photo Fixer 2004.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4974fb86.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Diskasizer 1.2.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4980fb8a.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Dmouse 1.0.0.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497cfb93.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\DocsToBox 1.1.1 Build 195.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] The file was deleted!
H:\Avenger\m\shared\DVDCommander_Free_2006_2.5.zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4951fb86.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\EasyHex Hex Editor 1.13.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4980fb9a.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Easy_Pocket_PC_Installer_1.21.zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4980fb9f.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\EDIdEv_SEF_Reader_1.0.zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4956fbb3.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\EMS_Data_Import_2005_for_MySQL_2.1.0.2.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4960fbc1.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Energize 2.0 Beta 2.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4972fbe7.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Enigma_0.92.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4976fbeb.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Ewido.antimalware.4.0.Beta.keygen.Serial.czip.zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4976fbf9.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Extra DVD Ripper Express 4.52.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4981fc01.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Eye_Candy_5_Impact_[KeyGen].zip
[0] Archive type: ZIP
--> crac.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4972fc06.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\EzLink NG 2005.10.21.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4959fc0c.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\File Data Viewer 1.0.zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4979fc00.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Fitness Assistant 1.99.zip
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4981fc09.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Flash_Projector_1.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '496efc0d.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\FlowChartX_control_4.1.4.zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497cfc0d.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\FMF Skin Creator 1.0.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4953fbee.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Fontonizer_1.02_build_105.zip
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497bfc11.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\FotoTagger 2.10.0.1.zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4981fc11.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\FoxNotes 2.5.4.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4985fc11.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\FrameSolver 2D 1.0 Key.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '496efc15.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Frobisher Font TrueType 1.51.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497cfc15.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\FullShot_9.5.1.1_(Key+Serial).zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4979fc18.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\GameSelect_2.1.1.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497afc04.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\genesisseeds_toolbar_for_IE_4.5.132.0.zip
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497bfc09.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Goal.Com - Live News 1.0.0.0.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '496efc13.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Google Pack 2.2.969.23408 Beta.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497cfc13.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Green Saver 3.10.0510.zip
[0] Archive type: ZIP
--> crac.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4972fc16.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Half-Life_Natural_Selection_4_client_3.0_beta.zip
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4979fc06.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Halo_Dedicated_Server_Init_File_Builder_2.1.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '487ea927.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Hot Video to iPod Converter 2.0 Crack.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4981fc14.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Human Resource Manager 2.0.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497afc1b.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Inhabitants of Wood Screensaver 1.0.zip
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4975fc14.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\JobOrder 12.9.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '496ffc15.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Kalvyn_Workgroup_Software_Access_Edition_2006_1.0.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4979fc08.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Karamasoft_UltimateEditor_2.3_(Serial).zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497ffc08.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\KFI am 640 2.00.zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4956fbed.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\KingConvert For Data Burn 5.0.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '48e1fb2a.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\LingvoSoft_Dictionary_2007_Russian_-_Armenian_4.0.22_[Key].zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497bfc13.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\ListGrabber Standard 4.0.0.39.zip
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4980fc11.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Lookup Unlisted Phone Number 1.0.zip
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497cfc17.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\LuckyPhoto 1.0.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4970fc1e.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Magic_Audio_Recorder_5.4.0.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4974fc0a.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\MCE Controller 1.1.0.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4952fbec.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Microsoft Phishing Filter Add-in for MSN Search Toolbar 3.0.4702.0.zip
[0] Archive type: ZIP
--> key_generator.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4970fc13.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Millions_of_Light_Years_1.6_Cracked.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4979fc13.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\MindChimes 1.3.0.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '48e1fb2c.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Ministry Assistant 1.4.3.4.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497bfc14.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\MSN UK Movies 1.0.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '495bfbfe.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Nawras PC Supervisor 1.0.0.0.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4984fc0c.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\NOD32.Antivirus.v2.51.30.FR.(Version.Windows_XP_2000_2003_NT_32-bit_64-bit).Incl-Crack.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4951fbfa.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\NotepadEx 1.7.4.4.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4981fc1b.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\PalTalkScene 9.2.221.zip
[0] Archive type: ZIP
--> key_generator.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4979fc0d.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Parnian_for_Freehand_3.0.zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497ffc0d.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Paving Design Expert 1.3.0.135.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4983fc0e.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\PDF Suite .NET 3.0.zip
[0] Archive type: ZIP
--> crac.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4953fbf1.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\PDF_album_maker_1.01_[Cracked].zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '48c9fcca.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Phone Deck 1.3.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497cfc16.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Play_Guitar_2.0.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '496efc1a.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\PLC Training - RSlogix Simulator 3.0.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4950fbfa.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Pluto_3D_ScreenSaver_1.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4982fc1b.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\PrePromote v4.05.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4972fc21.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\PSD2FLA_1.0.3_r031_Key+Serial.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4951fc02.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Qurb_3.0.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497ffc24.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\RICECAKES 1.5.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4950fbf9.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\ServersCheck_VNCAdministrator_1.0_[Serial].zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497ffc15.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\SetPwd 1.5.0.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4981fc15.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\SetupTIE2007 1.0.3.4.zip
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4981fc16.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Simple_Home_Money_Management_2006.4.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497afc1a.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Softinabox_Remind_Me!_1.0.0_Build_38.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4973fc20.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Sprinkle Clock ScreenSaver 2.3.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497ffc22.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\SSW_Property_and_Event_Pro_2000_2.3_[KeyGen].zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4964fc05.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Stay with me toolbar for IE 4.5.132.0.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '496efc26.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Streams 1.53.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497ffc26.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Sudoku_Puzzle_Game_1.0.zip
[0] Archive type: ZIP
--> run.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4971fc28.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Summertime_Skies_1.00.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497afc28.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\SysImage_HTML2Image_1.5_Crack.zip
[0] Archive type: ZIP
--> key_generator.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4980fc2c.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\TechSmith_Screen_Capture_Codec_1.0.zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4970fc19.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\The Hubble Space Telescope Part 2 1.0.zip
[0] Archive type: ZIP
--> key_gen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4972fc1c.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\True_Conception_of_Sri_Guru_Tattva_1.08.zip
[0] Archive type: ZIP
--> patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4982fc27.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\UControls GlassButton 1.zip
[0] Archive type: ZIP
--> keygen.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497cfbf8.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\VCW VicMan's Submass 5.2 Key+Serial.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4964fbf8.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\VeriTime Time Tracker 5.0.4.16.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497ffc1a.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\ViruScape_2006.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497ffc1f.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Voxengo_Marquis_Compressor_1.4_(Key).zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4985fc25.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\WannaChat 0.50804.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497bfc17.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Wav_Split_Mp3_1.00_(Cracked).zip
[0] Archive type: ZIP
--> crac.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4983fc18.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\WeightWare_3.4.0_Crack.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4976fc1c.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Windows_Live_Messenger_Now_Playing_Plugin_0.23.zip
[0] Archive type: ZIP
--> serial.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497bfc20.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\WorshipLeader_4.8.2.zip
[0] Archive type: ZIP
--> install_patch.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '48e5fb1f.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Y!RabidStatter_2.1.zip
[0] Archive type: ZIP
--> install_crack.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '495ffbd9.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\Zinc 2.5.0.16.zip
[0] Archive type: ZIP
--> key_generator.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '497bfc21.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Avenger\m\shared\ZPC demo.zip
[0] Archive type: ZIP
--> crac.exe
[DETECTION] Is the TR/Dldr.Bagle.ael Trojan
[NOTE] A backup was created as '4950fc09.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Documents and Settings\ALEXANDRA\Incomplete\T-3545425-anne silvestre.mp3
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] A backup was created as '4940fbf0.qua' ( QUARANTINE )
[NOTE] The file was deleted!
H:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Ad-Aware QF 20081025 131042.aawqff
[0] Archive type: HIDDEN
--> FIL\\\?\H:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Ad-Aware QF 20081025 131042.aawqff
[DETECTION] Is the TR/Bagle.Gen.B Trojan
[NOTE] A backup was created as '493afcae.qua' ( QUARANTINE )
[NOTE] The file was deleted!


End of the scan: 2 novembre 2008 20:26
Used time: 20:41 Minute(s)

The scan has been done completely.

2935 Scanning directories
282359 Files were scanned
129 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
111 files were deleted
0 files were repaired
121 files were moved to quarantine
1 files were renamed
1 Files cannot be scanned
282229 Files not concerned
1526 Archives were scanned
9 Warnings
125 Notes

Reposte un rapport Hijackthis.

Bonjour, voici le rapport demandé :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:36:14, on 2008-11-07
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
H:\Program Files\Winamp\winampa.exe
H:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\Program Files\Winamp Remote\bin\OrbTray.exe
H:\Program Files\Messenger\msmsgs.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
H:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\wbem\wmiapsrv.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - H:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "H:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo R285 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "H:\WINDOWS\TEMP\E_S97.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Orb] "H:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Winamp Search - H:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - H:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - H:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - H:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7441 bytes

Re,

Fix la ligne dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

Re,
je l'ai fait
voici le rapport après :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:15:43, on 2008-11-08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
H:\Program Files\Winamp\winampa.exe
H:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\Program Files\Winamp Remote\bin\OrbTray.exe
H:\Program Files\Messenger\msmsgs.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
H:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\wbem\wmiapsrv.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\Program Files\eMule\emule.exe
H:\WINDOWS\System32\TuneUpDefragService.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - H:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "H:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo R285 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "H:\WINDOWS\TEMP\E_S97.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Orb] "H:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Winamp Search - H:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - H:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - H:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - H:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7357 bytes

Encore des soucis ?

NON JE NE PENSE PAS , J'ai seulement l'ordi qui plante q'en je veux jouer au jeu VERSAILLE;penses-tu qu'il y ait un lien?
Pour l'antivirus faut-il que je mette automatiquement les virus en quarentaine ou que face DELATE?
Merci

En quarantaine c'est bien. Pour moi, ton problème n'est pas lié à une infection.

Re, c'est lié à quoi?