Votre question

problème avast

Tags :
  • Agent
  • Sécurité
Dernière réponse : dans Sécurité et virus
25 Octobre 2008 20:11:18

Bonjour, pouvez-vous m'aider car je n'arrive plus à ouvrir avast. Je l'ai désinstallé en passant par ajout suppréssion de programme. J'ai voulu le réinstaller et je ne peux pas. Je pense avoir attrapé le virus BALGE; pourriez-vous m'aider s'il vous plait? Merci d'avance

Autres pages sur : probleme avast

a b 8 Sécurité
25 Octobre 2008 21:02:43

Bonjour,

Télécharge ELIBAGLA en bas de cette page.
Clique sur le bouton Descargar Elibagla, cela va télécharger le fichier, place-le sur ton Bureau.
Double-clique dessus pour l'ouvrir.
Assure-toi que dans le menu déroulant Unidad, vous ayez bien C:\
Vérifie aussi aussi que l'option en bas de la fenêtre Eliminar Ficheros Automaticamente soit bien cochée.
Clique sur le bouton Explorar pour lancer l'analyse.
Poste le rapport généré en fin fin d'analyse.

AIDE : Comment supprimer Bagle ?
25 Octobre 2008 21:17:48

Bonjour, c'est la première fois que j'utilise les services de ce site et je n"ai pas compris ou je dois cliquer pour télécharger ELIBAGLA; pourriez-vous me l'expliquer? Merci de votre patience
Contenus similaires
25 Octobre 2008 21:30:07

MERCI j'ai trouvé mais je ne peux pas l'ouvrir il m'indique un message d'érreur
25 Octobre 2008 21:32:16

le message est detectado gusano BAGLE
a b 8 Sécurité
25 Octobre 2008 21:42:07

Tu n'as pas de rapport ?
25 Octobre 2008 21:43:48

Non car je n'arrive pas à faire l'analyse la fenetre se ferme avant. Que dois-je faire?
25 Octobre 2008 21:47:48

J4ARRIVE A LANCER LE PROGRAMME L(analyse commence mais ss stoppe
25 Octobre 2008 22:27:01

Je suis arrivée à faire une analyse avec le logiciel MALWAREBYTE'ANTI-MALWARE. Voici le rapport d'érreurs :
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1316
Windows 5.1.2600 Service Pack 3

2008-10-25 22:23:49
mbam-log-2008-10-25 (22-23-43).txt

Type de recherche: Examen complet (H:\|)
Eléments examinés: 89589
Temps écoulé: 12 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 82

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
H:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> No action taken.
H:\Documents and Settings\ALEXANDRA\Application Data\m (Trojan.Agent) -> No action taken.

Fichier(s) infecté(s):
H:\WINDOWS\system32\drivers\downld\103171.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\103687.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\103703.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\104250.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\105921.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\106468.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\111218.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\111796.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\112218.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\113015.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\113781.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\114250.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\114562.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\115156.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\116468.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\117140.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\119593.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\121578.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14715171.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14739609.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14746031.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14781593.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14789078.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14791468.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14810750.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14831078.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14831937.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\14835359.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\15023218.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\15033281.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\248515.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\253640.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\254625.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\255593.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\258000.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\261359.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\261562.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\262296.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\265812.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\269593.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\270437.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\278812.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\43046.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\43109.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\43796.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\49046.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\49546.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\50234.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\50296.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\50953.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\51546.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\53906.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\57171.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\58250.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\58656.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\59656.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\60281.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\64343.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\64562.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\65218.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\65656.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\67828.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\72109.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\72937.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\73703.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\75718.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\76234.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\76328.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\77031.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\78125.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\79781.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\81718.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\85953.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\86562.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\93968.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\94968.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\96000.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\downld\99156.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> No action taken.
H:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> No action taken.
H:\Documents and Settings\ALEXANDRA\Application Data\m\flec006.exe (Trojan.Agent) -> No action taken.
H:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> No action taken.

En espérant que cela puisse vous aider-
26 Octobre 2008 08:27:38

Ne pouvant pas installer ELIGALA, j'ai éssayé l'autre logiciel que vous m'avez conseillé FINDYKILL. Voici le rapport d'erreurs : FindyKill V4.095 ------------------

* User : ALEXANDRA - WINXPSP3
* Emplacement : H:\Program Files\FindyKill
* Outils Mis a jours le 24/10/08 par Chiquitine29
* Recherche effectuée à 8:22:41 le 2008-10-26
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\wdfmgr.exe
H:\WINDOWS\system32\wbem\wmiapsrv.exe
H:\Program Files\Winamp\winampa.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE
H:\Program Files\Winamp Remote\bin\OrbTray.exe
H:\WINDOWS\system32\drivers\winfilse.exe
H:\WINDOWS\system32\wintems.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Internet Explorer\iexplore.exe
h:\program files\winamp toolbar\WinampTbServer.exe
H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe

--------------- [ Processus infectieux stoppés ] ----------------


"H:\WINDOWS\system32\wintems.exe" (944)
"H:\WINDOWS\system32\drivers\winfilse.exe" (344)


--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans H:


»»»» Presence des fichiers dans H:\WINDOWS


»»»» Presence des fichiers dans H:\WINDOWS\Prefetch

Present ! - H:\WINDOWS\prefetch\106234.EXE-396291CB.pf
Present ! - H:\WINDOWS\prefetch\FLEC006.EXE-2DDFFFD0.pf
Present ! - H:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Present ! - H:\WINDOWS\prefetch\MDELK.EXE-238AA5EF.pf
Present ! - H:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

»»»» Presence des fichiers dans H:\WINDOWS\system32

Présent ! [2008-10-25 18:42] - H:\WINDOWS\system32\mdelk.exe
Présent ! [2008-10-25 18:42] - H:\WINDOWS\system32\wintems.exe
Présent ! [2008-10-26 08:01] - H:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans H:\WINDOWS\system32\drivers

Présent ! [2008-10-26 08:01] - H:\WINDOWS\system32\drivers\srosa.sys
Présent ! [2004-08-26 08:03] - H:\WINDOWS\system32\drivers\winfilse.exe
Présent ! [2008-10-26 08:04] - "H:\WINDOWS\system32\drivers\downld"
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\103171.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\103687.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\103703.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\104250.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\105921.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\106234.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\106468.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\111218.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\111796.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\112218.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\113015.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\113781.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\114250.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\114562.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\115156.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\116468.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\117140.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\119593.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\121578.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\127328.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\145578.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14715171.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14739609.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14746031.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14781593.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14789078.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14791468.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14810750.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14831078.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14831937.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\14835359.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\15023218.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\15033281.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\154093.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\248515.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\253640.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\254625.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\255593.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\258000.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\261359.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\261562.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\262296.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\265812.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\269593.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\270437.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\278812.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\296843.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\304296.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\43046.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\43109.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\43796.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\49046.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\49546.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\50234.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\50296.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\50953.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\51546.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\53906.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\57171.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\58250.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\58656.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\59656.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\60281.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\64343.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\64562.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\65218.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\65656.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\67828.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\72109.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\72937.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\73703.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\75718.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\76234.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\76328.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\77031.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\78125.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\79781.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\81718.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\85953.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\86562.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\89828.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\93968.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\94968.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\95156.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\96000.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\96218.exe
Présent ! [2008-10-26 08:04] H:\WINDOWS\system32\drivers\downld\99156.exe

»»»» Presence des fichiers dans H:\Documents and Settings\ALEXANDRA\Application Data

Présent ! [2008-10-25 18:42] - "H:\Documents and Settings\ALEXANDRA\Application Data\m\flec006.exe"
Présent ! [2008-10-26 08:01] - "H:\Documents and Settings\ALEXANDRA\Application Data\m\list.oct"
Présent ! [2008-10-26 08:01] - "H:\Documents and Settings\ALEXANDRA\Application Data\m\data.oct"
Présent ! [2008-10-26 08:01] - "H:\Documents and Settings\ALEXANDRA\Application Data\m\srvlist.oct"
Présent ! [2008-10-26 08:01] - "H:\Documents and Settings\ALEXANDRA\Application Data\m\shared"
Présent ! [2008-10-26 08:01] - "H:\Documents and Settings\ALEXANDRA\Application Data\m"

»»»» Presence des fichiers dans H:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp


--------------- [ Registre / Startup ] ----------------


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
SunJavaUpdateSched REG_SZ "H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
NeroFilterCheck REG_SZ H:\WINDOWS\system32\NeroCheck.exe
NvCplDaemon REG_SZ RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
Adobe Reader Speed Launcher REG_SZ "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
WinampAgent REG_SZ "H:\Program Files\Winamp\winampa.exe"
avast! REG_SZ H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe REG_SZ H:\WINDOWS\system32\ctfmon.exe
MsnMsgr REG_SZ "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
EPSON Stylus Photo R285 Series REG_SZ H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "H:\WINDOWS\TEMP\E_S97.tmp" /EF "HKCU"
Orb REG_SZ "H:\Program Files\Winamp Remote\bin\OrbTray.exe" /background

--------------- [ Registre / Clés infectieuses ] ----------------


Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\nideiect
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\TuneUp_Utilities_2007_6.0.2311.0_(Crack)
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\winfilse
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\bisoft
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\CHKPTR
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\DateTime4
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\FFC
Présent ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\FirtR
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\nideiect
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\TuneUp_Utilities_2007_6.0.2311.0_(Crack)
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_CURRENT_USER\Software\bisoft
Présent ! - HKEY_CURRENT_USER\Software\DateTime4
Présent ! - HKEY_CURRENT_USER\Software\FirtR

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden

-> Affichage des fichiers cachés non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

-> Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

-> Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

-> Mode sans echec non fonctionnel !!



+- Services : [ Auto=2 Demande=3 Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

H: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Moutpoint2 ] ----------------

Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\AutoRun\command
Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\explore\Command
Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\open\Command


------------------- ! Fin du rapport ! --------------------

Quelles sont les prochaines étapes?
Merci pour votre aide
26 Octobre 2008 14:00:04

Bonjour, je suis un peu perdue face à mon souci car je débute en informatique. Faut-il que je reformate mon disque dur?
Bonne après-midi et merci d'avance
26 Octobre 2008 16:51:39

Alex, ne formate pas encore, attends la réponse de Angeldark !
Je ne sais pas ce qu'il va en penser, mais je crois que tu devrais déjà nettoyer avec Malware... A bientot, si problème, appelle moi
26 Octobre 2008 16:57:42

Pas de problème j'attends la réponse de Angeldark. Mais je pourrai pas me connecter de lundi à jeudi soir.
26 Octobre 2008 20:45:56

Bonsoir, juste un élément suplémentaire. Quand je veux ouvrir avast il indique le message d'erreurs suivant :( mon disque dur n'est C mais H)
H:\Program Files\Alwil Sotware\avast4\ashAvast.exe n'est pas une applicationWin32 valide
Bonne soirée
a b 8 Sécurité
27 Octobre 2008 12:28:12

Re,

On ne t'aide pas sur un autre forum par hasard ?
30 Octobre 2008 20:41:21

Bonsoir ANGELDARK,

Non je ne suis pas aidé par un autre forum. N'ayant pas eu de solution je tentr de trouver des solutions toute seule et je mets les rapports pour aider.
Deplus, je travaille loin de mon domicile est je suis absente plusieurs jours par semaine et je souhaitais mettre toutes mes chances de mon cote pour resourdre le problème car je débute en informatique et je suis perdue; Pouvez-vous m'aider s'il vous plait?
30 Octobre 2008 20:53:52

je l'ai telecharge mais il me marque le même message d'erreurs quand je veux l'ouvrir que quand je veux ouvrir avast
a b 8 Sécurité
30 Octobre 2008 20:58:17

Tu as bien supprimé les infections avec MBAM ?
30 Octobre 2008 20:59:28

je vais relancer une analyse et je réessai


30 Octobre 2008 21:13:26

j'ai supprimé les trojan mais ça ne change rien, que dois-je faire?
a b 8 Sécurité
30 Octobre 2008 21:18:01

Passe l'option 2 de FindyKill.
30 Octobre 2008 21:26:56


----------------- FindyKill V4.095 ------------------

* User : ALEXANDRA - WINXPSP3
* Emplacement : H:\Program Files\FindyKill
* Outils Mis a jours le 24/10/08 par Chiquitine29
* Suppression effectuée à 21:23:11 le 2008-10-30
* Windows XP - Internet Explorer 7.0.5730.13


((((((((((((((( *** Suppression *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
H:\WINDOWS\system32\logonui.exe
H:\WINDOWS\system32\userinit.exe
H:\WINDOWS\system32\WgaTray.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Suppression des fichiers dans H:


»»»» Suppression des fichiers dans H:\WINDOWS


»»»» Suppression des fichiers dans H:\WINDOWS\Prefetch

Supprimé ! - H:\WINDOWS\Prefetch\72281.EXE-16379C70.pf
Supprimé ! - H:\WINDOWS\Prefetch\RUNDLL32.EXE-19812E66.pf
Supprimé ! - H:\WINDOWS\Prefetch\RUNDLL32.EXE-337268C1.pf
Supprimé ! - H:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
Supprimé ! - H:\WINDOWS\Prefetch\RUNDLL32.EXE-46B22018.pf
Supprimé ! - H:\WINDOWS\Prefetch\WINNT32.EXE-07CE5394.pf
Supprimé ! - H:\WINDOWS\Prefetch\WINZIP32.EXE-335422C1.pf
Supprimé ! - H:\WINDOWS\Prefetch\56203.EXE-00022925.pf
Supprimé ! - H:\WINDOWS\Prefetch\85203.EXE-14EF6FBD.pf
Supprimé ! - H:\WINDOWS\Prefetch\106234.EXE-396291CB.pf
Supprimé ! - H:\WINDOWS\Prefetch\54734.EXE-11EBBB2A.pf
Supprimé ! - H:\WINDOWS\Prefetch\39125.EXE-076C01AF.pf
Supprimé ! - H:\WINDOWS\Prefetch\48765.EXE-0A9238B8.pf
Supprimé ! - H:\WINDOWS\Prefetch\70625.EXE-2F66B069.pf
Supprimé ! - H:\WINDOWS\Prefetch\68906.EXE-0884A291.pf
Supprimé ! - H:\WINDOWS\Prefetch\FLEC006.EXE-2DDFFFD0.pf
Supprimé ! - H:\WINDOWS\Prefetch\63937.EXE-2FDA3DF8.pf
Supprimé ! - H:\WINDOWS\Prefetch\64328.EXE-2CCC1B4E.pf
Supprimé ! - H:\WINDOWS\Prefetch\69078.EXE-002D4FE1.pf
Supprimé ! - H:\WINDOWS\Prefetch\69828.EXE-0DE967C4.pf
Supprimé ! - H:\WINDOWS\Prefetch\65859.EXE-2B7AA28D.pf
Supprimé ! - H:\WINDOWS\Prefetch\59750.EXE-3942C62D.pf
Supprimé ! - H:\WINDOWS\Prefetch\85640.EXE-32325473.pf
Supprimé ! - H:\WINDOWS\Prefetch\88750.EXE-29058749.pf
Supprimé ! - H:\WINDOWS\Prefetch\WINTEMS.EXE-26D98C75.pf
Supprimé ! - H:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf
Supprimé ! - H:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf
Supprimé ! - H:\WINDOWS\Prefetch\MDELK.EXE-238AA5EF.pf

»»»» Suppression des fichiers dans H:\WINDOWS\system32

Supprimé ! - H:\WINDOWS\system32\ban_list.txt

»»»» Suppression des fichiers dans H:\WINDOWS\system32\drivers

Supprimé ! - H:\WINDOWS\system32\drivers\srosa.sys
Supprimé ! - H:\WINDOWS\system32\drivers\winfilse.exe

»»»» Suppression des fichiers dans H:\Documents and Settings\ALEXANDRA\Application Data


»»»» Suppression des fichiers dans H:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp


--------------- [ Registre / Clés infectieuses ] ----------------

Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Supprimé ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\nideiect
Supprimé ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\TuneUp_Utilities_2007_6.0.2311.0_(Crack)
Supprimé ! - HKEY_USERS\S-1-5-21-1229272821-1004336348-1801674531-1003\Software\Local AppWizard-Generated Applications\winfilse

-> Certaines clés ont été supprimées au premier reboot ...

--------------- [ Etat / Redémarage des services ] ----------------

+- Mode sans echec restauré !

+- Affichage des fichiers cachés réparé !


+- Services : [ Auto=2 Demande=3 Désactivé=4 ]

Ndisuio - Type de démarrage = 3

EapHost - Type de démarrage = 2

Ip6Fw - Type de démarrage = 2

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2


--------------- [ Nettoyage des supports amovibles ] ----------------

+- Informations :

H: - Lecteur fixe


+- Suppression des fichiers :


--------------- [ Registre / Moutpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4593c7-a135-11dd-aef4-001d92633a36}\Shell\open\Command

--------------- [ Recherche Cracks / Keygen ] ----------------



---------------- ! Fin du rapport ! ------------------


31 Octobre 2008 07:48:00

Bonjour, le fait d'etre passé à la phase 2 de FindyKill. a peut etre favorisé un leger déblocage car ce matin j'ai désintallé Hijackthis et reinstallé et voici le message d'erreurs :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:43:08, on 2008-10-31
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
H:\Program Files\Winamp\winampa.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
H:\Program Files\Winamp Remote\bin\OrbTray.exe
H:\Program Files\Messenger\msmsgs.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\wbem\wmiapsrv.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\Program Files\Internet Explorer\IEXPLORE.EXE
h:\program files\winamp toolbar\WinampTbServer.exe
H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Windows Live Toolbar\msn_sl.exe
H:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - H:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo R285 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "H:\WINDOWS\TEMP\E_S97.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Orb] "H:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Winamp Search - H:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7285 bytes
j'espère que ca vous aidera
Je vais tenter de faire la même manipulation avec l'antivirus
Bonne journée
31 Octobre 2008 08:23:15

Re, je pense qu'hier vous m'avez conseillé de faire une opération qui a débloqué car j'ai pu reinstallé l'antivirus et il a trouvé BAGLE et j'ai pu le mettre en quarantaine. Vraiment merci beaucoup.
Faut-il que je face autre chose?
31 Octobre 2008 13:15:25

Re par contre je ne peux pas installer flash media player existe-il un lien?
Bonne journée
a b 8 Sécurité
31 Octobre 2008 13:47:58

Re,

[#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer
    31 Octobre 2008 14:38:49

    Re,
    Je l'ai installé mais je n'arrive pas à l'ouvrir
    a b 8 Sécurité
    31 Octobre 2008 15:10:16

    Tu as une erreur ?
    31 Octobre 2008 15:18:39

    conbofix has detected that this machine does not have the "windows recovery console" si je comprends bien il me conseille de l'installer et j'ai le message d'erreur suivant : la synthaxe de la commande est incorrecte
    a b 8 Sécurité
    31 Octobre 2008 15:25:19

    Même en mettant nan ?
    31 Octobre 2008 15:37:16

    IL me propose oui ou non
    a b 8 Sécurité
    31 Octobre 2008 18:12:30

    Tu as essayé avec non ?
    1 Novembre 2008 19:11:59

    Bonjour a tous,

    J'ai exactement le même problème que vanille33.
    Je viens de lire ce topic mais je ne sais pas dans quel ordre il faut telecharger les logiciels et faire les scans puisque vous en citez plusieurs.

    Pouvez vous me donner la marche a suivre pour trouver et deloger ce virus qui est très ennuyeux?

    Avast ne se lance pas (application Win32 non valide).
    J'ai désinstaller avast pour installer un autre antivirus, mais une erreur intervient a chaque fois pour 2 antivirus différents.

    Merci à l'avance pour votre aide.... le temps est contre moi en plus de ça :( 

    Cordialement!
    a b 8 Sécurité
    1 Novembre 2008 19:56:43

    Chacun son sujet :) 
    1 Novembre 2008 20:11:43

    C'est le même sujet! Alors pas besoin d'épiloguer!

    Cela dit grace aux conseils donnés à vanille33, j'ai pu résoudre le problème !

    La solution : l'option 2 de Findykill !

    Merci beaucoup!

    Bon courage et bonne chasse vanilla33

    Tchao
    2 Novembre 2008 17:24:45

    Bonjour Angeldark,
    Pardon pour ce silence mais je suis partie en week-end !
    Je n'ai pas tres bien compris l'intervention de l'autre internaute ???
    J'ai faits comme tu m'as dit, j'ai cliqué sur non et voici le rapport :
    ComboFix 08-11-01.06 - ALEXANDRA 2008-11-02 17:17:50.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2577 [GMT 1:00]
    Lancé depuis: H:\Documents and Settings\ALEXANDRA\Bureau\ComboFix.exe
    * Un nouveau point de restauration a été créé

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    H:\WINDOWS\system32\dao350.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-02 au 2008-11-02 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-31 16:20 . 2008-10-31 16:35 <REP> d-------- H:\Program Files\Radio Fr Solo
    2008-10-31 16:20 . 2008-10-31 16:20 1,208 --a------ H:\WINDOWS\Radio_Fr.ini
    2008-10-31 14:21 . 2008-10-31 14:21 <REP> d-------- H:\Program Files\TuneUp Utilities 2008
    2008-10-31 14:21 . 2008-10-31 14:21 355,584 --a------ H:\WINDOWS\system32\TuneUpDefragService.exe
    2008-10-31 14:21 . 2008-05-29 09:28 28,416 --a------ H:\WINDOWS\system32\uxtuneup.dll
    2008-10-31 13:07 . 2008-10-31 13:07 <REP> d-------- H:\Program Files\Winamp Toolbar
    2008-10-30 20:51 . 2008-10-30 20:51 <REP> d-------- H:\Program Files\Trend Micro
    2008-10-26 08:21 . 2008-10-30 21:24 <REP> d-------- H:\Program Files\FindyKill
    2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Program Files\Malwarebytes' Anti-Malware
    2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Malwarebytes
    2008-10-24 18:10 . 2008-10-22 15:10 38,496 --a------ H:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-24 18:10 . 2008-10-22 15:10 15,504 --a------ H:\WINDOWS\system32\drivers\mbam.sys
    2008-10-24 10:40 . 2008-10-24 17:34 <REP> d-------- H:\Documents and Settings\All Users\Application Data\OrbNetworks
    2008-10-24 10:39 . 2008-10-31 13:07 <REP> d-------- H:\Program Files\Winamp
    2008-10-24 10:39 . 2008-10-24 10:42 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Winamp
    2008-10-24 10:36 . 2008-06-10 01:32 73,728 --a------ H:\WINDOWS\system32\javacpl.cpl
    2008-10-19 16:10 . 2008-10-19 16:10 <REP> d-------- H:\Program Files\Micro Application
    2008-10-19 16:09 . 2008-10-19 16:09 124 --a------ H:\WINDOWS\Navigma.INI
    2008-10-17 09:47 . 2008-10-24 10:40 <REP> d-------- H:\Program Files\Winamp Remote
    2008-10-17 09:47 . 2008-10-17 09:47 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Winamp Toolbar
    2008-10-17 09:15 . 2008-10-17 09:17 <REP> d-------- H:\Program Files\VBW
    2008-10-17 09:15 . 2008-10-17 09:15 <REP> d-------- H:\Program Files\Fichiers communs\Borland Shared
    2008-10-17 09:15 . 1999-03-03 04:01 212,440 --a------ H:\WINDOWS\system32\DBCLIENT.DLL
    2008-10-17 09:15 . 2001-05-10 16:00 184,320 --a------ H:\WINDOWS\system32\BDEADMIN.CPL
    2008-10-17 09:08 . 2008-10-17 09:08 <REP> d-------- H:\HSF
    2008-10-17 09:08 . 2008-10-17 09:11 0 --a------ H:\WINDOWS\WD.INI
    2008-10-16 19:21 . 2008-08-14 14:23 2,191,232 -----c--- H:\WINDOWS\system32\dllcache\ntoskrnl.exe
    2008-10-16 19:21 . 2008-08-14 14:23 2,147,328 -----c--- H:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    2008-10-16 19:21 . 2008-08-14 14:23 2,068,096 -----c--- H:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    2008-10-16 19:21 . 2008-08-14 14:23 2,025,984 -----c--- H:\WINDOWS\system32\dllcache\ntkrpamp.exe
    2008-10-12 20:50 . 2008-10-12 20:50 <REP> d-------- H:\Program Files\SoftChris
    2008-10-12 11:45 . 2008-10-16 19:52 151 --a------ H:\WINDOWS\PhotoSnapViewer.INI
    2008-10-12 07:33 . 2008-10-12 07:34 <REP> d-------- H:\Program Files\Lavasoft
    2008-10-12 07:33 . 2008-10-12 07:35 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-10-12 05:32 . 2007-07-30 18:19 271,224 --a------ H:\WINDOWS\system32\mucltui.dll
    2008-10-12 05:32 . 2007-07-30 18:19 207,736 --a------ H:\WINDOWS\system32\muweb.dll
    2008-10-12 05:32 . 2007-07-30 18:18 30,072 --a------ H:\WINDOWS\system32\mucltui.dll.mui
    2008-10-11 22:56 . 2008-10-11 22:56 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\EPSON
    2008-10-11 17:55 . 2008-10-11 17:55 <REP> d-------- H:\Program Files\emme
    2008-10-11 17:55 . 1997-04-17 21:40 254,976 --a------ H:\WINDOWS\system32\SMSEQ.DLL
    2008-10-11 17:55 . 1998-09-22 14:15 195,856 --a------ H:\WINDOWS\system32\RICHTX32.OCX
    2008-10-11 17:55 . 1997-02-27 00:00 192,272 --a------ H:\WINDOWS\system32\MCI32.OCX
    2008-10-11 17:55 . 1997-02-27 00:00 94,992 --a------ H:\WINDOWS\system32\Vb5fr.dll
    2008-10-11 17:55 . 2001-01-10 12:01 75,225 --a------ H:\WINDOWS\system32\picn1820.ssm
    2008-10-11 17:55 . 1999-01-27 10:18 73,184 --a------ H:\WINDOWS\system32\DAO2535.TLB
    2008-10-11 17:55 . 1997-06-13 16:05 57,344 --a------ H:\WINDOWS\system32\SMOOTHS.DLL
    2008-10-11 17:55 . 2002-02-13 16:59 21,747 --a------ H:\WINDOWS\emme.wri
    2008-10-11 17:55 . 1997-08-05 20:34 14,048 --a------ H:\WINDOWS\system32\SMOOTH16.DLL
    2008-10-11 17:55 . 1998-11-06 10:59 10,720 --a------ H:\WINDOWS\system32\SCRLIB.DLL
    2008-10-11 17:55 . 1995-09-14 13:21 9,984 --a------ H:\WINDOWS\system32\BTDESIGN.DLL
    2008-10-11 17:15 . 2008-10-11 17:15 268 --ah----- H:\sqmdata02.sqm
    2008-10-11 17:15 . 2008-10-11 17:15 244 --ah----- H:\sqmnoopt02.sqm
    2008-10-11 17:05 . 2008-10-11 17:05 <REP> d-------- H:\Documents and Settings\All Users\Application Data\UDL
    2008-10-11 17:04 . 2008-10-11 17:04 <REP> d-------- H:\Program Files\EPSON Print CD
    2008-10-11 17:02 . 2008-10-11 17:02 <REP> d-------- H:\Documents and Settings\All Users\Application Data\EPSON
    2008-10-11 17:02 . 2006-12-08 03:04 76,800 --a------ H:\WINDOWS\system32\E_FLBCKE.DLL
    2008-10-11 17:02 . 2006-04-19 03:00 62,976 --a------ H:\WINDOWS\system32\E_FD4BCKE.DLL
    2008-10-11 17:02 . 2004-09-10 21:12 49,152 --a------ H:\WINDOWS\system32\E_DCINST.DLL
    2008-10-11 17:02 . 2008-04-13 10:47 25,856 --a------ H:\WINDOWS\system32\drivers\usbprint.sys
    2008-10-11 17:02 . 2008-04-13 10:47 25,856 --a--c--- H:\WINDOWS\system32\dllcache\usbprint.sys
    2008-10-11 17:00 . 2008-10-11 17:04 <REP> d-------- H:\Program Files\EPSON
    2008-10-11 17:00 . 2008-10-11 17:00 41 --a------ H:\WINDOWS\CDER285DEFGIPS.ini
    2008-10-11 14:02 . 2008-10-11 14:02 <REP> d-------- H:\Program Files\Versailles
    2008-10-11 14:02 . 2008-10-11 14:02 <REP> d-------- H:\Documents and Settings\ALEXANDRA\WINDOWS
    2008-10-11 14:02 . 1996-11-06 11:04 302,592 --a------ H:\WINDOWS\unin040c.exe
    2008-10-11 14:02 . 2008-10-11 14:02 92 --a------ H:\WINDOWS\versaill.ini
    2008-10-11 13:54 . 2008-10-11 13:54 268 --ah----- H:\sqmdata01.sqm
    2008-10-11 13:54 . 2008-10-11 13:54 244 --ah----- H:\sqmnoopt01.sqm
    2008-10-11 13:44 . 2008-10-11 13:44 268 --ah----- H:\sqmdata00.sqm
    2008-10-11 13:44 . 2008-10-11 13:44 244 --ah----- H:\sqmnoopt00.sqm
    2008-10-11 13:43 . 2008-10-11 13:52 41 --a------ H:\WINDOWS\iltwain.ini
    2008-10-11 12:26 . 2008-10-11 12:26 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Media Player Classic
    2008-10-11 11:55 . 2008-10-11 11:55 <REP> d-------- H:\Program Files\Microsoft SQL Server Compact Edition
    2008-10-11 11:55 . 2006-11-29 12:06 3,426,072 --a------ H:\WINDOWS\system32\d3dx9_32.dll
    2008-10-11 11:54 . 2008-10-11 11:54 <REP> d-------- H:\Program Files\Windows Live Favorites
    2008-10-11 11:53 . 2008-10-11 11:54 <REP> d-------- H:\Program Files\Windows Live Toolbar
    2008-10-11 11:52 . 2008-10-11 17:17 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Contacts
    2008-10-11 11:51 . 2008-10-11 11:51 <REP> d----c--- H:\WINDOWS\system32\DRVSTORE
    2008-10-11 11:46 . 2008-10-12 06:21 <REP> d-------- H:\Program Files\Windows Live
    2008-10-11 11:46 . 2008-10-11 11:50 <REP> d--hsc--- H:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-10-11 11:46 . 2008-10-11 11:46 <REP> d-------- H:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-10-11 11:40 . 2008-10-11 11:40 <REP> d-------- H:\Program Files\GPLGS
    2008-10-11 11:40 . 2008-10-11 11:40 <REP> d-------- H:\Program Files\Acro Software
    2008-10-11 11:40 . 2007-07-12 21:33 87,552 --a------ H:\WINDOWS\system32\cpwmon2k.dll
    2008-10-11 11:23 . 2008-10-11 11:23 <REP> d-------- H:\WINDOWS\system32\Adobe
    2008-10-11 11:23 . 2001-11-14 19:19 16,384 --a------ H:\WINDOWS\system32\FileOps.exe
    2008-10-11 11:08 . 2008-10-11 11:08 <REP> d-------- H:\Program Files\LimeWire
    2008-10-11 11:08 . 2008-10-17 07:00 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Shared
    2008-10-11 11:08 . 2008-10-17 22:08 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Incomplete
    2008-10-11 11:08 . 2008-10-11 11:42 <REP> d-------- H:\Documents and Settings\ALEXANDRA\.limewire
    2008-10-11 11:06 . 2008-10-31 16:46 <REP> d-------- H:\Program Files\eMule
    2008-10-11 10:59 . 2008-10-11 12:53 <REP> d-------- H:\WINDOWS\SxsCaPendDel
    2008-10-11 10:58 . 2008-10-11 10:58 0 --a------ H:\WINDOWS\nsreg.dat
    2008-10-11 10:40 . 2008-10-11 10:40 <REP> d-------- H:\WINDOWS\system\color
    2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\Fichiers communs\FotoWire
    2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\AGFAnet
    2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\Agfa
    2008-10-11 10:37 . 1998-11-13 11:16 308,224 --a------ H:\WINDOWS\IsUn040c.exe
    2008-10-11 10:32 . 2000-06-29 09:00 36,864 -ra------ H:\WINDOWS\system32\agusbsti.dll
    2008-10-11 10:32 . 2000-11-16 10:56 32,768 -ra------ H:\WINDOWS\system32\Snape25.bin
    2008-10-11 10:32 . 2008-04-13 10:45 15,104 --a------ H:\WINDOWS\system32\drivers\usbscan.sys
    2008-10-11 10:32 . 2008-04-13 10:45 15,104 --a--c--- H:\WINDOWS\system32\dllcache\usbscan.sys
    2008-10-11 10:03 . 2008-04-13 18:33 221,184 --a------ H:\WINDOWS\system32\wmpns.dll
    2008-10-11 10:02 . 2008-10-19 15:28 116 --a------ H:\WINDOWS\NeroDigital.ini
    2008-10-11 10:00 . 2008-10-03 18:12 6,066,176 -----c--- H:\WINDOWS\system32\dllcache\ieframe.dll
    2008-10-11 10:00 . 2007-04-17 10:32 2,455,488 -----c--- H:\WINDOWS\system32\dllcache\ieapfltr.dat
    2008-10-11 10:00 . 2007-03-08 06:10 1,048,576 -----c--- H:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2008-10-11 10:00 . 2008-08-26 09:11 459,264 -----c--- H:\WINDOWS\system32\dllcache\msfeeds.dll
    2008-10-11 10:00 . 2008-08-26 09:11 383,488 -----c--- H:\WINDOWS\system32\dllcache\ieapfltr.dll
    2008-10-11 10:00 . 2008-08-26 09:11 267,776 -----c--- H:\WINDOWS\system32\dllcache\iertutil.dll
    2008-10-11 10:00 . 2008-08-26 09:11 63,488 -----c--- H:\WINDOWS\system32\dllcache\icardie.dll
    2008-10-11 10:00 . 2008-08-26 09:11 52,224 -----c--- H:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2008-10-11 10:00 . 2008-08-25 09:38 13,824 -----c--- H:\WINDOWS\system32\dllcache\ieudinit.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-31 13:32 --------- d-----w H:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-10-24 09:36 --------- d-----w H:\Program Files\Java

    Merci et bonne soirée
    2 Novembre 2008 17:25:47

    pardon il n'est pas en entier :
    ComboFix 08-11-01.06 - ALEXANDRA 2008-11-02 17:17:50.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2577 [GMT 1:00]
    Lancé depuis: H:\Documents and Settings\ALEXANDRA\Bureau\ComboFix.exe
    * Un nouveau point de restauration a été créé

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    H:\WINDOWS\system32\dao350.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-02 au 2008-11-02 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-31 16:20 . 2008-10-31 16:35 <REP> d-------- H:\Program Files\Radio Fr Solo
    2008-10-31 16:20 . 2008-10-31 16:20 1,208 --a------ H:\WINDOWS\Radio_Fr.ini
    2008-10-31 14:21 . 2008-10-31 14:21 <REP> d-------- H:\Program Files\TuneUp Utilities 2008
    2008-10-31 14:21 . 2008-10-31 14:21 355,584 --a------ H:\WINDOWS\system32\TuneUpDefragService.exe
    2008-10-31 14:21 . 2008-05-29 09:28 28,416 --a------ H:\WINDOWS\system32\uxtuneup.dll
    2008-10-31 13:07 . 2008-10-31 13:07 <REP> d-------- H:\Program Files\Winamp Toolbar
    2008-10-30 20:51 . 2008-10-30 20:51 <REP> d-------- H:\Program Files\Trend Micro
    2008-10-26 08:21 . 2008-10-30 21:24 <REP> d-------- H:\Program Files\FindyKill
    2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Program Files\Malwarebytes' Anti-Malware
    2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-24 18:10 . 2008-10-24 18:10 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Malwarebytes
    2008-10-24 18:10 . 2008-10-22 15:10 38,496 --a------ H:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-24 18:10 . 2008-10-22 15:10 15,504 --a------ H:\WINDOWS\system32\drivers\mbam.sys
    2008-10-24 10:40 . 2008-10-24 17:34 <REP> d-------- H:\Documents and Settings\All Users\Application Data\OrbNetworks
    2008-10-24 10:39 . 2008-10-31 13:07 <REP> d-------- H:\Program Files\Winamp
    2008-10-24 10:39 . 2008-10-24 10:42 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Winamp
    2008-10-24 10:36 . 2008-06-10 01:32 73,728 --a------ H:\WINDOWS\system32\javacpl.cpl
    2008-10-19 16:10 . 2008-10-19 16:10 <REP> d-------- H:\Program Files\Micro Application
    2008-10-19 16:09 . 2008-10-19 16:09 124 --a------ H:\WINDOWS\Navigma.INI
    2008-10-17 09:47 . 2008-10-24 10:40 <REP> d-------- H:\Program Files\Winamp Remote
    2008-10-17 09:47 . 2008-10-17 09:47 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Winamp Toolbar
    2008-10-17 09:15 . 2008-10-17 09:17 <REP> d-------- H:\Program Files\VBW
    2008-10-17 09:15 . 2008-10-17 09:15 <REP> d-------- H:\Program Files\Fichiers communs\Borland Shared
    2008-10-17 09:15 . 1999-03-03 04:01 212,440 --a------ H:\WINDOWS\system32\DBCLIENT.DLL
    2008-10-17 09:15 . 2001-05-10 16:00 184,320 --a------ H:\WINDOWS\system32\BDEADMIN.CPL
    2008-10-17 09:08 . 2008-10-17 09:08 <REP> d-------- H:\HSF
    2008-10-17 09:08 . 2008-10-17 09:11 0 --a------ H:\WINDOWS\WD.INI
    2008-10-16 19:21 . 2008-08-14 14:23 2,191,232 -----c--- H:\WINDOWS\system32\dllcache\ntoskrnl.exe
    2008-10-16 19:21 . 2008-08-14 14:23 2,147,328 -----c--- H:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    2008-10-16 19:21 . 2008-08-14 14:23 2,068,096 -----c--- H:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    2008-10-16 19:21 . 2008-08-14 14:23 2,025,984 -----c--- H:\WINDOWS\system32\dllcache\ntkrpamp.exe
    2008-10-12 20:50 . 2008-10-12 20:50 <REP> d-------- H:\Program Files\SoftChris
    2008-10-12 11:45 . 2008-10-16 19:52 151 --a------ H:\WINDOWS\PhotoSnapViewer.INI
    2008-10-12 07:33 . 2008-10-12 07:34 <REP> d-------- H:\Program Files\Lavasoft
    2008-10-12 07:33 . 2008-10-12 07:35 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-10-12 05:32 . 2007-07-30 18:19 271,224 --a------ H:\WINDOWS\system32\mucltui.dll
    2008-10-12 05:32 . 2007-07-30 18:19 207,736 --a------ H:\WINDOWS\system32\muweb.dll
    2008-10-12 05:32 . 2007-07-30 18:18 30,072 --a------ H:\WINDOWS\system32\mucltui.dll.mui
    2008-10-11 22:56 . 2008-10-11 22:56 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\EPSON
    2008-10-11 17:55 . 2008-10-11 17:55 <REP> d-------- H:\Program Files\emme
    2008-10-11 17:55 . 1997-04-17 21:40 254,976 --a------ H:\WINDOWS\system32\SMSEQ.DLL
    2008-10-11 17:55 . 1998-09-22 14:15 195,856 --a------ H:\WINDOWS\system32\RICHTX32.OCX
    2008-10-11 17:55 . 1997-02-27 00:00 192,272 --a------ H:\WINDOWS\system32\MCI32.OCX
    2008-10-11 17:55 . 1997-02-27 00:00 94,992 --a------ H:\WINDOWS\system32\Vb5fr.dll
    2008-10-11 17:55 . 2001-01-10 12:01 75,225 --a------ H:\WINDOWS\system32\picn1820.ssm
    2008-10-11 17:55 . 1999-01-27 10:18 73,184 --a------ H:\WINDOWS\system32\DAO2535.TLB
    2008-10-11 17:55 . 1997-06-13 16:05 57,344 --a------ H:\WINDOWS\system32\SMOOTHS.DLL
    2008-10-11 17:55 . 2002-02-13 16:59 21,747 --a------ H:\WINDOWS\emme.wri
    2008-10-11 17:55 . 1997-08-05 20:34 14,048 --a------ H:\WINDOWS\system32\SMOOTH16.DLL
    2008-10-11 17:55 . 1998-11-06 10:59 10,720 --a------ H:\WINDOWS\system32\SCRLIB.DLL
    2008-10-11 17:55 . 1995-09-14 13:21 9,984 --a------ H:\WINDOWS\system32\BTDESIGN.DLL
    2008-10-11 17:15 . 2008-10-11 17:15 268 --ah----- H:\sqmdata02.sqm
    2008-10-11 17:15 . 2008-10-11 17:15 244 --ah----- H:\sqmnoopt02.sqm
    2008-10-11 17:05 . 2008-10-11 17:05 <REP> d-------- H:\Documents and Settings\All Users\Application Data\UDL
    2008-10-11 17:04 . 2008-10-11 17:04 <REP> d-------- H:\Program Files\EPSON Print CD
    2008-10-11 17:02 . 2008-10-11 17:02 <REP> d-------- H:\Documents and Settings\All Users\Application Data\EPSON
    2008-10-11 17:02 . 2006-12-08 03:04 76,800 --a------ H:\WINDOWS\system32\E_FLBCKE.DLL
    2008-10-11 17:02 . 2006-04-19 03:00 62,976 --a------ H:\WINDOWS\system32\E_FD4BCKE.DLL
    2008-10-11 17:02 . 2004-09-10 21:12 49,152 --a------ H:\WINDOWS\system32\E_DCINST.DLL
    2008-10-11 17:02 . 2008-04-13 10:47 25,856 --a------ H:\WINDOWS\system32\drivers\usbprint.sys
    2008-10-11 17:02 . 2008-04-13 10:47 25,856 --a--c--- H:\WINDOWS\system32\dllcache\usbprint.sys
    2008-10-11 17:00 . 2008-10-11 17:04 <REP> d-------- H:\Program Files\EPSON
    2008-10-11 17:00 . 2008-10-11 17:00 41 --a------ H:\WINDOWS\CDER285DEFGIPS.ini
    2008-10-11 14:02 . 2008-10-11 14:02 <REP> d-------- H:\Program Files\Versailles
    2008-10-11 14:02 . 2008-10-11 14:02 <REP> d-------- H:\Documents and Settings\ALEXANDRA\WINDOWS
    2008-10-11 14:02 . 1996-11-06 11:04 302,592 --a------ H:\WINDOWS\unin040c.exe
    2008-10-11 14:02 . 2008-10-11 14:02 92 --a------ H:\WINDOWS\versaill.ini
    2008-10-11 13:54 . 2008-10-11 13:54 268 --ah----- H:\sqmdata01.sqm
    2008-10-11 13:54 . 2008-10-11 13:54 244 --ah----- H:\sqmnoopt01.sqm
    2008-10-11 13:44 . 2008-10-11 13:44 268 --ah----- H:\sqmdata00.sqm
    2008-10-11 13:44 . 2008-10-11 13:44 244 --ah----- H:\sqmnoopt00.sqm
    2008-10-11 13:43 . 2008-10-11 13:52 41 --a------ H:\WINDOWS\iltwain.ini
    2008-10-11 12:26 . 2008-10-11 12:26 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Application Data\Media Player Classic
    2008-10-11 11:55 . 2008-10-11 11:55 <REP> d-------- H:\Program Files\Microsoft SQL Server Compact Edition
    2008-10-11 11:55 . 2006-11-29 12:06 3,426,072 --a------ H:\WINDOWS\system32\d3dx9_32.dll
    2008-10-11 11:54 . 2008-10-11 11:54 <REP> d-------- H:\Program Files\Windows Live Favorites
    2008-10-11 11:53 . 2008-10-11 11:54 <REP> d-------- H:\Program Files\Windows Live Toolbar
    2008-10-11 11:52 . 2008-10-11 17:17 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Contacts
    2008-10-11 11:51 . 2008-10-11 11:51 <REP> d----c--- H:\WINDOWS\system32\DRVSTORE
    2008-10-11 11:46 . 2008-10-12 06:21 <REP> d-------- H:\Program Files\Windows Live
    2008-10-11 11:46 . 2008-10-11 11:50 <REP> d--hsc--- H:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-10-11 11:46 . 2008-10-11 11:46 <REP> d-------- H:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-10-11 11:40 . 2008-10-11 11:40 <REP> d-------- H:\Program Files\GPLGS
    2008-10-11 11:40 . 2008-10-11 11:40 <REP> d-------- H:\Program Files\Acro Software
    2008-10-11 11:40 . 2007-07-12 21:33 87,552 --a------ H:\WINDOWS\system32\cpwmon2k.dll
    2008-10-11 11:23 . 2008-10-11 11:23 <REP> d-------- H:\WINDOWS\system32\Adobe
    2008-10-11 11:23 . 2001-11-14 19:19 16,384 --a------ H:\WINDOWS\system32\FileOps.exe
    2008-10-11 11:08 . 2008-10-11 11:08 <REP> d-------- H:\Program Files\LimeWire
    2008-10-11 11:08 . 2008-10-17 07:00 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Shared
    2008-10-11 11:08 . 2008-10-17 22:08 <REP> d-------- H:\Documents and Settings\ALEXANDRA\Incomplete
    2008-10-11 11:08 . 2008-10-11 11:42 <REP> d-------- H:\Documents and Settings\ALEXANDRA\.limewire
    2008-10-11 11:06 . 2008-10-31 16:46 <REP> d-------- H:\Program Files\eMule
    2008-10-11 10:59 . 2008-10-11 12:53 <REP> d-------- H:\WINDOWS\SxsCaPendDel
    2008-10-11 10:58 . 2008-10-11 10:58 0 --a------ H:\WINDOWS\nsreg.dat
    2008-10-11 10:40 . 2008-10-11 10:40 <REP> d-------- H:\WINDOWS\system\color
    2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\Fichiers communs\FotoWire
    2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\AGFAnet
    2008-10-11 10:37 . 2008-10-11 10:37 <REP> d-------- H:\Program Files\Agfa
    2008-10-11 10:37 . 1998-11-13 11:16 308,224 --a------ H:\WINDOWS\IsUn040c.exe
    2008-10-11 10:32 . 2000-06-29 09:00 36,864 -ra------ H:\WINDOWS\system32\agusbsti.dll
    2008-10-11 10:32 . 2000-11-16 10:56 32,768 -ra------ H:\WINDOWS\system32\Snape25.bin
    2008-10-11 10:32 . 2008-04-13 10:45 15,104 --a------ H:\WINDOWS\system32\drivers\usbscan.sys
    2008-10-11 10:32 . 2008-04-13 10:45 15,104 --a--c--- H:\WINDOWS\system32\dllcache\usbscan.sys
    2008-10-11 10:03 . 2008-04-13 18:33 221,184 --a------ H:\WINDOWS\system32\wmpns.dll
    2008-10-11 10:02 . 2008-10-19 15:28 116 --a------ H:\WINDOWS\NeroDigital.ini
    2008-10-11 10:00 . 2008-10-03 18:12 6,066,176 -----c--- H:\WINDOWS\system32\dllcache\ieframe.dll
    2008-10-11 10:00 . 2007-04-17 10:32 2,455,488 -----c--- H:\WINDOWS\system32\dllcache\ieapfltr.dat
    2008-10-11 10:00 . 2007-03-08 06:10 1,048,576 -----c--- H:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2008-10-11 10:00 . 2008-08-26 09:11 459,264 -----c--- H:\WINDOWS\system32\dllcache\msfeeds.dll
    2008-10-11 10:00 . 2008-08-26 09:11 383,488 -----c--- H:\WINDOWS\system32\dllcache\ieapfltr.dll
    2008-10-11 10:00 . 2008-08-26 09:11 267,776 -----c--- H:\WINDOWS\system32\dllcache\iertutil.dll
    2008-10-11 10:00 . 2008-08-26 09:11 63,488 -----c--- H:\WINDOWS\system32\dllcache\icardie.dll
    2008-10-11 10:00 . 2008-08-26 09:11 52,224 -----c--- H:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2008-10-11 10:00 . 2008-08-25 09:38 13,824 -----c--- H:\WINDOWS\system32\dllcache\ieudinit.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-31 13:32 --------- d-----w H:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-10-24 09:36 --------- d-----w H:\Program Files\Java
    2008-10-19 15:10 --------- d--h--w H:\Program Files\InstallShield Installation Information
    2008-10-12 01:01 --------- d-----w H:\Program Files\Microsoft Works
    2008-10-11 16:05 --------- d-----w H:\Program Files\Fichiers communs\InstallShield
    2008-10-11 10:23 --------- d-----w H:\Program Files\Fichiers communs\Adobe
    2008-10-11 09:03 --------- d-----w H:\Documents and Settings\ALEXANDRA\Application Data\Ahead
    2008-10-10 16:43 --------- d-----w H:\Program Files\NVIDIA Corporation
    2008-10-10 16:41 --------- d-----w H:\Program Files\MSI
    2008-10-10 16:37 315,392 ----a-w H:\WINDOWS\HideWin.exe
    2008-10-10 16:37 --------- d-----w H:\Program Files\Realtek
    2008-10-10 16:35 --------- d-----w H:\Documents and Settings\ALEXANDRA\Application Data\InstallShield
    2008-10-10 16:27 --------- d-----w H:\Program Files\microsoft frontpage
    2008-10-10 16:26 --------- d-----w H:\Program Files\Services en ligne
    2008-10-10 12:45 --------- d-----w H:\Program Files\Alwil Software
    2008-10-10 12:08 --------- d-----w H:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-10-10 11:32 --------- d-----w H:\Program Files\Nero
    2008-10-10 11:32 --------- d-----w H:\Program Files\Fichiers communs\Ahead
    2008-10-10 11:31 --------- d-----w H:\Program Files\Yahoo!
    2008-10-10 11:26 --------- d-----w H:\Documents and Settings\All Users\Application Data\TuneUp Software
    2008-10-10 11:26 --------- d-----w H:\Documents and Settings\ALEXANDRA\Application Data\TuneUp Software
    2008-10-10 11:16 155,995 ----a-w H:\WINDOWS\java\Packages\EC89NJPV.ZIP
    2008-10-10 11:16 --------- d-----w H:\Program Files\Fichiers communs\Java
    2008-10-10 11:15 --------- d-----w H:\Program Files\K-Lite Codec Pack
    2008-10-10 11:15 --------- d-----w H:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-10-10 11:10 --------- d-----w H:\Program Files\Microsoft.NET
    2008-09-15 15:26 1,846,528 ----a-w H:\WINDOWS\system32\win32k.sys
    2008-09-08 10:41 333,824 ----a-w H:\WINDOWS\system32\drivers\srv.sys
    2008-08-26 08:11 826,368 ----a-w H:\WINDOWS\system32\wininet.dll
    2008-08-14 13:23 2,147,328 ----a-w H:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 13:23 2,025,984 ----a-w H:\WINDOWS\system32\ntkrnlpa.exe
    2000-10-23 08:37 122,880 ----a-r H:\WINDOWS\inf\AGFA\Message.exe
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "H:\Program Files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]

    [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
    [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="H:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
    "MsnMsgr"="H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "EPSON Stylus Photo R285 Series"="H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE" [2007-04-13 182272]
    "Orb"="H:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904]
    "MSMSGS"="H:\Program Files\Messenger\msmsgs.exe" [2008-04-14 1695232]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "NeroFilterCheck"="H:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
    "NvCplDaemon"="H:\WINDOWS\system32\NvCpl.dll" [2007-10-04 8491008]
    "Adobe Reader Speed Launcher"="H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "WinampAgent"="H:\Program Files\Winamp\winampa.exe" [2008-08-04 36352]
    "avast!"="H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="H:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 15360]

    H:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - H:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-10-11 110592]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.3iv2"= 3ivxVfWCodec.dll
    "VIDC.VP31"= vp31vfw.dll
    "msacm.l3fhg"= mp3fhg.acm

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "NVIDIA nTune"="H:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="H:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "RTHDCPL"=RTHDCPL.EXE
    "NvCplDaemon"=RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
    "NvMediaCenter"=RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    "LiveMonitor"=H:\Program Files\MSI\Live Update 3\LMonitor.exe
    "Alcmtr"=ALCMTR.EXE
    "Adobe Reader Speed Launcher"="H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    "nwiz"=nwiz.exe /install

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "H:\\WINDOWS\\system32\\dpvsetup.exe"=
    "H:\\Program Files\\eMule\\emule.exe"=
    "H:\\Program Files\\LimeWire\\LimeWire.exe"=
    "H:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "H:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "H:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
    "H:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
    "H:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
    "H:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"=

    R1 aswSP;avast! Self Protection;H:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
    R2 aswFsBlk;aswFsBlk;H:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 UxTuneUp;TuneUp Extension de thème;H:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
    R3 usbstor;Pilote de stockage de masse USB;H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 NVHDA;Service for NVIDIA HDMI Audio Driver;H:\WINDOWS\system32\drivers\nvhda32.sys [2007-07-16 26272]
    S3 TuneUp.Defrag;TuneUp Drive Defrag Service;H:\WINDOWS\System32\TuneUpDefragService.exe [2008-10-31 355584]
    S3 usbscan;Pilote de scanneur USB;H:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    *Newly Created Service* - PROCEXP90
    .
    Contenu du dossier 'Tâches planifiées'

    2008-11-02 H:\WINDOWS\Tasks\Maintenance en 1 clic.job
    - H:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]

    2008-10-31 H:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    - H:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
    .
    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - H:\Documents and Settings\ALEXANDRA\Application Data\Mozilla\Firefox\Profiles\a5alt4x7.default\
    FF -: plugin - H:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
    FF -: plugin - H:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-02 17:18:56
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-11-02 17:19:30
    ComboFix-quarantined-files.txt 2008-11-02 16:19:27

    Avant-CF: 221,921,693,696 octets libres
    Après-CF: 221,967,294,464 octets libres

    258 --- E O F --- 2008-10-24 16:33:16
    2 Novembre 2008 19:27:11

    Re,
    u faut il que je telecharge antivir?
    2 Novembre 2008 19:39:50

    apres plusieurs essais je suis arrivée à l'installer, voici le rapport :
    02.11.2008 19:35:58 - Installation Directory: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
    02.11.2008 19:35:58 - Backup Directory: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
    02.11.2008 19:35:58 - Temp Directory: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\
    02.11.2008 19:35:58 - Using System's global Proxy settings
    02.11.2008 19:35:58 - Launching GUI... display mode: 0
    02.11.2008 19:35:58 - selftest successful: H:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
    02.11.2008 19:35:58 - selftest successful: H:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
    02.11.2008 19:35:58 - Installation Directory: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
    02.11.2008 19:35:58 - Backup Directory: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
    02.11.2008 19:35:58 - Temp Directory: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\
    02.11.2008 19:35:58 - Using System's global Proxy settings
    02.11.2008 19:35:58 - Launching GUI... display mode: 0
    02.11.2008 19:35:58 - selftest successful: H:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
    02.11.2008 19:35:58 - selftest successful: H:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
    02.11.2008 19:35:58 - Avira AntiVir Personal - Free Antivirus
    02.11.2008 19:35:59 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\idx/master.idx to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\master.idx
    02.11.2008 19:35:59 - Master IDX file has changed
    02.11.2008 19:35:59 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/classic-nt-en.info.gz
    02.11.2008 19:36:00 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\classic-nt-en.info to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\classic-nt-en.info
    02.11.2008 19:36:00 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/vdf.info.gz
    02.11.2008 19:36:00 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/specvir-nt.info.gz
    02.11.2008 19:36:01 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/ave2.info.gz
    02.11.2008 19:36:01 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/info-wks-classic-nt-en.in...
    02.11.2008 19:36:02 - Module: SELFUPDATE Source: winwks\en\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
    02.11.2008 19:36:02 - Module: MAIN Source: winwks\en\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 83
    02.11.2008 19:36:02 - Module: COMMAPPDATA_AV Source: winwks\en\ Destination: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\ Files: 1
    02.11.2008 19:36:02 - Module: COMMAPP Source: winwks\en\ Destination: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\JOBS\ Files: 4
    02.11.2008 19:36:02 - Module: COMMAPDATA_AV_PROFILES Source: winwks\en\ Destination: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\ Files: 2
    02.11.2008 19:36:02 - Module: TEXT Source: winwks\en\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
    02.11.2008 19:36:02 - Module: VDF Source: vdf\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf 6.40.0.0 < 7.1.0.0
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf 7.0.5.1 < 7.1.0.21
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.5.20 < 7.1.0.22
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.5.23 < 7.1.0.27
    02.11.2008 19:36:02 - Module: AVREP_NT Source: engine\nt\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll 7.0.0.1 < 8.0.0.2
    02.11.2008 19:36:02 - Module: AVE2 Source: ave2\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 14
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll 8.1.2.6 < 8.1.2.9
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll 8.1.0.41 < 8.1.0.42
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll 8.1.0.59 < 8.1.0.63
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll 8.1.0.28 < 8.1.0.29
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll 8.1.1.8 < 8.1.1.9
    02.11.2008 19:36:02 - H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat 8.2.0.4 < 8.2.0.10
    02.11.2008 19:36:02 - Module: DRV Source: winwks\en\ Destination: H:\WINDOWS\SYSTEM32\drivers\ Files: 4
    02.11.2008 19:36:02 - Module: PRODINFO Source: winwks\en\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
    02.11.2008 19:36:02 - Minifilter is installed
    02.11.2008 19:36:02 - Minifilter is possible
    02.11.2008 19:36:02 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType
    02.11.2008 19:36:03 - Initialize avnotify.exe
    02.11.2008 19:36:03 - Starting avnotify.exe successful
    02.11.2008 19:36:03 - Preparing to download files
    02.11.2008 19:36:03 - 13 files need to be downloaded / copied from http://dl2.avgate.net/upd/
    02.11.2008 19:36:03 - #1: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/classic-nt/filelist... to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\winwks\en\classic-nt/filelist.ini
    02.11.2008 19:36:03 - #2: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/classic-nt/product.... to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\winwks\en\classic-nt/product.ini
    02.11.2008 19:36:04 - #3: Downloading and extracting http://dl2.avgate.net/upd/vdf/antivir0.vdf.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir0.vdf
    02.11.2008 19:36:50 - #4: Downloading and extracting http://dl2.avgate.net/upd/vdf/antivir1.vdf.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir1.vdf
    02.11.2008 19:36:51 - #5: Downloading and extracting http://dl2.avgate.net/upd/vdf/antivir2.vdf.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir2.vdf
    02.11.2008 19:36:52 - #6: Downloading and extracting http://dl2.avgate.net/upd/vdf/antivir3.vdf.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir3.vdf
    02.11.2008 19:36:52 - #7: Downloading and extracting http://dl2.avgate.net/upd/engine/nt/avrep.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\engine\nt\avrep.dll
    02.11.2008 19:36:53 - #8: Downloading and extracting http://dl2.avgate.net/upd/ave2/aecore.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aecore.dll
    02.11.2008 19:36:53 - #9: Downloading and extracting http://dl2.avgate.net/upd/ave2/aegen.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aegen.dll
    02.11.2008 19:36:54 - #10: Downloading and extracting http://dl2.avgate.net/upd/ave2/aeheur.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeheur.dll
    02.11.2008 19:36:56 - #11: Downloading and extracting http://dl2.avgate.net/upd/ave2/aeoffice.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeoffice.dll
    02.11.2008 19:36:57 - #12: Downloading and extracting http://dl2.avgate.net/upd/ave2/aescript.dll.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aescript.dll
    02.11.2008 19:36:58 - #13: Downloading and extracting http://dl2.avgate.net/upd/ave2/aeset.dat.gz to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeset.dat
    02.11.2008 19:37:03 - Keyfile: OK [FULL Mode]
    02.11.2008 19:37:03 - Status of service AntiVirService is running
    02.11.2008 19:37:03 - Initialize avscan.exe
    02.11.2008 19:37:03 - Initialize avcenter.exe
    02.11.2008 19:37:03 - Initialize avgnt.exe
    02.11.2008 19:37:03 - avscan.exe closed.
    02.11.2008 19:37:04 - avgnt.exe closed.
    02.11.2008 19:37:04 - Starting to install
    02.11.2008 19:37:04 - File H:\Program Files\Avira\AntiVir PersonalEdition Classic\filelist.ini will not be backed up because it doesn't exist
    02.11.2008 19:37:04 - File H:\Program Files\Avira\AntiVir PersonalEdition Classic\product.ini will not be backed up because it doesn't exist
    02.11.2008 19:37:04 - Processing module MAIN Source: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\winwks\en\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
    02.11.2008 19:37:04 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\winwks\en\classic-nt/filelist.ini to H:\Program Files\Avira\AntiVir PersonalEdition Classic\filelist.ini
    02.11.2008 19:37:04 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\winwks\en\classic-nt/product.ini to H:\Program Files\Avira\AntiVir PersonalEdition Classic\product.ini
    02.11.2008 19:37:04 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir0.vdf
    02.11.2008 19:37:04 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir1.vdf
    02.11.2008 19:37:04 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir2.vdf
    02.11.2008 19:37:04 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\antivir3.vdf
    02.11.2008 19:37:04 - Processing module VDF Source: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
    02.11.2008 19:37:05 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir0.vdf to H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf
    02.11.2008 19:37:05 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir1.vdf to H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf
    02.11.2008 19:37:05 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir2.vdf to H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf
    02.11.2008 19:37:05 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\vdf\antivir3.vdf to H:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf
    02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\avrep.dll
    02.11.2008 19:37:05 - Processing module AVREP_NT Source: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\engine\nt\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
    02.11.2008 19:37:05 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\engine\nt\avrep.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll
    02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aecore.dll
    02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aegen.dll
    02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeheur.dll
    02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeoffice.dll
    02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aescript.dll
    02.11.2008 19:37:05 - Copy file H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat to H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\aeset.dat
    02.11.2008 19:37:05 - Processing module AVE2 Source: H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\ Destination: H:\Program Files\Avira\AntiVir PersonalEdition Classic\
    02.11.2008 19:37:06 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aecore.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll
    02.11.2008 19:37:07 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aegen.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll
    02.11.2008 19:37:08 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeheur.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll
    02.11.2008 19:37:09 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeoffice.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll
    02.11.2008 19:37:10 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aescript.dll to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll
    02.11.2008 19:37:10 - Copy file H:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_490df30e\ave2\aeset.dat to H:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat
    02.11.2008 19:37:10 - A total of 13 files were updated
    02.11.2008 19:37:10 - Initialize AVWSC.EXE
    02.11.2008 19:37:10 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress
    02.11.2008 19:37:10 - Status of service AntiVirService is running
    02.11.2008 19:37:11 - Reinitialization of AntiVirService carried out successfully.
    02.11.2008 19:37:11 - Starting avgnt.exe successful
    02.11.2008 19:37:11 - Dialup: 0
    02.11.2008 19:37:11 - Downloaded bytes: 16897069
    02.11.2008 19:37:11 - Downloaded file(s): 13
    02.11.2008 19:37:11 - Downloaded file(s): filelist.ini; product.ini; antivir0.vdf; antivir1.vdf; antivir2.vdf; antivir3.vdf; avrep.dll; aecore.dll; aegen.dll; aeheur.dll
    02.11.2008 19:37:11 - Downloaded file(s): aeoffice.dll; aescript.dll; aeset.dat
    02.11.2008 19:37:11 - Required time: 01:13
    02.11.2008 19:37:11 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate
    02.11.2008 19:37:12 - Update finished successfully
    2 Novembre 2008 20:28:41

    Re et bon appétit !
    je viens de faire un nouveau scan de antivir
    Avira AntiVir Personal
    Report file date: 2 novembre 2008 20:05

    Scanning for 1002747 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 3) [5.1.2600]
    Boot mode: Normally booted
    Username: ALEXANDRA
    Computer name: WINXPSP3

    Version information:
    BUILD.DAT : 8.2.0.334 16933 Bytes 2008-10-16 14:55:00
    AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 09:57:53
    AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 08:56:40
    LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 13:44:19
    LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 08:58:52
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008-10-27 18:36:50
    ANTIVIR1.VDF : 7.1.0.21 130560 Bytes 2008-10-31 18:36:51
    ANTIVIR2.VDF : 7.1.0.22 2048 Bytes 2008-10-31 18:36:52
    ANTIVIR3.VDF : 7.1.0.27 30208 Bytes 2008-11-02 18:36:52
    Engineversion : 8.2.0.10
    AEVDF.DLL : 8.1.0.6 102772 Bytes 2008-10-14 11:05:56
    AESCRIPT.DLL : 8.1.1.9 319867 Bytes 2008-11-02 18:36:58
    AESCN.DLL : 8.1.1.3 123252 Bytes 2008-10-14 11:05:56
    AERDL.DLL : 8.1.1.2 438644 Bytes 2008-09-12 07:06:02
    AEPACK.DLL : 8.1.2.4 369014 Bytes 2008-10-14 11:05:56
    AEOFFICE.DLL : 8.1.0.29 196988 Bytes 2008-11-02 18:36:57
    AEHEUR.DLL : 8.1.0.63 1479032 Bytes 2008-11-02 18:36:56
    AEHELP.DLL : 8.1.1.2 115062 Bytes 2008-10-14 11:05:56
    AEGEN.DLL : 8.1.0.42 319861 Bytes 2008-11-02 18:36:54
    AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-14 11:05:56
    AECORE.DLL : 8.1.2.9 172407 Bytes 2008-11-02 18:36:53
    AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-14 11:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 09:40:05
    AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 10:28:01
    AVREP.DLL : 8.0.0.2 98344 Bytes 2008-11-02 18:36:53
    AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 12:26:40
    AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 09:29:23
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 13:27:49
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 18:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 13:49:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 13:05:10
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 14:48:07
    RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 14:34:37

    Configuration settings for the scan:
    Jobname..........................: Local Hard Disks
    Configuration file...............: h:\program files\avira\antivir personaledition classic\alldiscs.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: H:,
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: 2 novembre 2008 20:05

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
    Scan process 'winampTbServer.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
    Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'nTuneService.exe' - '1' Module(s) have been scanned
    Scan process 'MDM.EXE' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
    Scan process 'OrbTray.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'winampa.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'aawservice.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    36 processes with 36 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.
    Master boot sector HD2
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.
    Master boot sector HD3
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.
    Master boot sector HD4
    [INFO] No virus was found!
    [WARNING] System error [21]: Le périphérique n'est pas prêt.

    Start scanning boot sectors:
    Boot sector 'H:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '53' files ).


    Starting the file scan:

    Begin scan in 'H:\'
    H:\pagefile.sys
    [WARNING] The file could not be opened!
    H:\Avenger\m\shared\404 : Page is Not Found ? Now it will be! 1.1.zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4941fa6b.qua'!
    H:\Avenger\m\shared\7tools_Partition_Manager_2005_6.02.01.zip
    [0] Archive type: ZIP
    --> key_generator.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '497cfab2.qua'!
    H:\Avenger\m\shared\abcAVI_Tag_Editor_1.8.1.129.zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4970faa2.qua'!
    H:\Avenger\m\shared\Advanced_Page_Rank_Analyzer_2.0_[Crack].zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4983faa6.qua'!
    H:\Avenger\m\shared\AJet_3.zip
    [0] Archive type: ZIP
    --> setup.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4972fa90.qua'!
    H:\Avenger\m\shared\All_Stats_Hockey_Coach_6.0.zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4979fac1.qua'!
    H:\Avenger\m\shared\Altdo_Convert_MP3_Master_2.1.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4981fafa.qua'!
    H:\Avenger\m\shared\Apple_FireWire_Drivers_2.5.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [WARNING] The file was ignored!
    H:\Avenger\m\shared\Asf_Seek_Maker_1.5_KeyGen.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4973fb08.qua'!
    H:\Avenger\m\shared\AtleX CPU Speed 1.0.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4979fb0b.qua'!
    H:\Avenger\m\shared\Autumn Leaves Fall Foliage Collection 2.0.zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [WARNING] The file was ignored!
    H:\Avenger\m\shared\Avast.Pro.v4.7.871.Incl.Keymaker-CORE.czip.zip
    [0] Archive type: ZIP
    --> crac.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '496efb13.qua'!
    H:\Avenger\m\shared\A_Haunted_Halloween_ScreenSaver_1.00.zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Backup2Net_1.1.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [WARNING] The file was ignored!
    H:\Avenger\m\shared\BatteryMon_2.1_Build_1000_Cracked.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4981fb09.qua'!
    H:\Avenger\m\shared\Beautiful Britain winter screensaver 1.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was renamed to 'Beautiful Britain winter screensaver 1.zip.VIR'!
    H:\Avenger\m\shared\Beyond_Media_1.0_Key.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [WARNING] The file was ignored!
    H:\Avenger\m\shared\BFG_Chat_Client_1.17.zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4954fb08.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Bid-n-Invoice Basic Invoice 2.1.zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4971fb31.qua'!
    H:\Avenger\m\shared\Butterfly Jungle 3D Screensaver 1.0.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was moved to '4981fb41.qua'!
    H:\Avenger\m\shared\Car_Logbook_2.3.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497ffb33.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Chronilist 5.9.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497ffb3f.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Claves.Bitdefender.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '496efb4e.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Copy+ 2.01.01.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497dfb58.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\CryptoSystem Personal 1.2.zip
    [0] Archive type: ZIP
    --> crac.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4986fb62.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Custom Shapes Pack 12 'Torus' 1.0.0 Patch.zip
    [0] Archive type: ZIP
    --> crac.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Data Export - DB22DBF 1.0.zip
    [0] Archive type: ZIP
    --> key_generator.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4981fb5f.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\DB-HTML_Converter_PRO_1.4.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '493afb45.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Demo Builder 6.00.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497afb71.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Desktop FLV Player 1.0.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4980fb76.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Desktop Organizer & Arranger 1.1.7.zip
    [0] Archive type: ZIP
    --> crac.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4980fb7c.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Digital Photo Fixer 2004.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4974fb86.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Diskasizer 1.2.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4980fb8a.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Dmouse 1.0.0.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497cfb93.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\DocsToBox 1.1.1 Build 195.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\DVDCommander_Free_2006_2.5.zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4951fb86.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\EasyHex Hex Editor 1.13.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4980fb9a.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Easy_Pocket_PC_Installer_1.21.zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4980fb9f.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\EDIdEv_SEF_Reader_1.0.zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4956fbb3.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\EMS_Data_Import_2005_for_MySQL_2.1.0.2.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4960fbc1.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Energize 2.0 Beta 2.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4972fbe7.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Enigma_0.92.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4976fbeb.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Ewido.antimalware.4.0.Beta.keygen.Serial.czip.zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4976fbf9.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Extra DVD Ripper Express 4.52.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4981fc01.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Eye_Candy_5_Impact_[KeyGen].zip
    [0] Archive type: ZIP
    --> crac.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4972fc06.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\EzLink NG 2005.10.21.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4959fc0c.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\File Data Viewer 1.0.zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4979fc00.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Fitness Assistant 1.99.zip
    [0] Archive type: ZIP
    --> setup.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4981fc09.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Flash_Projector_1.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '496efc0d.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\FlowChartX_control_4.1.4.zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497cfc0d.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\FMF Skin Creator 1.0.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4953fbee.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Fontonizer_1.02_build_105.zip
    [0] Archive type: ZIP
    --> setup.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497bfc11.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\FotoTagger 2.10.0.1.zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4981fc11.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\FoxNotes 2.5.4.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4985fc11.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\FrameSolver 2D 1.0 Key.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '496efc15.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Frobisher Font TrueType 1.51.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497cfc15.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\FullShot_9.5.1.1_(Key+Serial).zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4979fc18.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\GameSelect_2.1.1.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497afc04.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\genesisseeds_toolbar_for_IE_4.5.132.0.zip
    [0] Archive type: ZIP
    --> setup.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497bfc09.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Goal.Com - Live News 1.0.0.0.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '496efc13.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Google Pack 2.2.969.23408 Beta.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497cfc13.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Green Saver 3.10.0510.zip
    [0] Archive type: ZIP
    --> crac.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4972fc16.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Half-Life_Natural_Selection_4_client_3.0_beta.zip
    [0] Archive type: ZIP
    --> setup.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4979fc06.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Halo_Dedicated_Server_Init_File_Builder_2.1.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '487ea927.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Hot Video to iPod Converter 2.0 Crack.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4981fc14.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Human Resource Manager 2.0.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497afc1b.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Inhabitants of Wood Screensaver 1.0.zip
    [0] Archive type: ZIP
    --> setup.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4975fc14.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\JobOrder 12.9.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '496ffc15.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Kalvyn_Workgroup_Software_Access_Edition_2006_1.0.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4979fc08.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Karamasoft_UltimateEditor_2.3_(Serial).zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497ffc08.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\KFI am 640 2.00.zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4956fbed.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\KingConvert For Data Burn 5.0.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '48e1fb2a.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\LingvoSoft_Dictionary_2007_Russian_-_Armenian_4.0.22_[Key].zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497bfc13.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\ListGrabber Standard 4.0.0.39.zip
    [0] Archive type: ZIP
    --> setup.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4980fc11.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Lookup Unlisted Phone Number 1.0.zip
    [0] Archive type: ZIP
    --> setup.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497cfc17.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\LuckyPhoto 1.0.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4970fc1e.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Magic_Audio_Recorder_5.4.0.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4974fc0a.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\MCE Controller 1.1.0.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4952fbec.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Microsoft Phishing Filter Add-in for MSN Search Toolbar 3.0.4702.0.zip
    [0] Archive type: ZIP
    --> key_generator.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4970fc13.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Millions_of_Light_Years_1.6_Cracked.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4979fc13.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\MindChimes 1.3.0.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '48e1fb2c.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Ministry Assistant 1.4.3.4.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497bfc14.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\MSN UK Movies 1.0.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '495bfbfe.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Nawras PC Supervisor 1.0.0.0.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4984fc0c.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\NOD32.Antivirus.v2.51.30.FR.(Version.Windows_XP_2000_2003_NT_32-bit_64-bit).Incl-Crack.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4951fbfa.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\NotepadEx 1.7.4.4.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4981fc1b.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\PalTalkScene 9.2.221.zip
    [0] Archive type: ZIP
    --> key_generator.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4979fc0d.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Parnian_for_Freehand_3.0.zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497ffc0d.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Paving Design Expert 1.3.0.135.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4983fc0e.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\PDF Suite .NET 3.0.zip
    [0] Archive type: ZIP
    --> crac.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4953fbf1.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\PDF_album_maker_1.01_[Cracked].zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '48c9fcca.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Phone Deck 1.3.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497cfc16.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Play_Guitar_2.0.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '496efc1a.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\PLC Training - RSlogix Simulator 3.0.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4950fbfa.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Pluto_3D_ScreenSaver_1.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4982fc1b.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\PrePromote v4.05.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4972fc21.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\PSD2FLA_1.0.3_r031_Key+Serial.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4951fc02.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Qurb_3.0.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497ffc24.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\RICECAKES 1.5.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4950fbf9.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\ServersCheck_VNCAdministrator_1.0_[Serial].zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497ffc15.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\SetPwd 1.5.0.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4981fc15.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\SetupTIE2007 1.0.3.4.zip
    [0] Archive type: ZIP
    --> setup.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4981fc16.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Simple_Home_Money_Management_2006.4.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497afc1a.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Softinabox_Remind_Me!_1.0.0_Build_38.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4973fc20.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Sprinkle Clock ScreenSaver 2.3.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497ffc22.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\SSW_Property_and_Event_Pro_2000_2.3_[KeyGen].zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4964fc05.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Stay with me toolbar for IE 4.5.132.0.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '496efc26.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Streams 1.53.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497ffc26.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Sudoku_Puzzle_Game_1.0.zip
    [0] Archive type: ZIP
    --> run.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4971fc28.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Summertime_Skies_1.00.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497afc28.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\SysImage_HTML2Image_1.5_Crack.zip
    [0] Archive type: ZIP
    --> key_generator.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4980fc2c.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\TechSmith_Screen_Capture_Codec_1.0.zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4970fc19.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\The Hubble Space Telescope Part 2 1.0.zip
    [0] Archive type: ZIP
    --> key_gen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4972fc1c.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\True_Conception_of_Sri_Guru_Tattva_1.08.zip
    [0] Archive type: ZIP
    --> patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4982fc27.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\UControls GlassButton 1.zip
    [0] Archive type: ZIP
    --> keygen.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497cfbf8.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\VCW VicMan's Submass 5.2 Key+Serial.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4964fbf8.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\VeriTime Time Tracker 5.0.4.16.zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497ffc1a.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\ViruScape_2006.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497ffc1f.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Voxengo_Marquis_Compressor_1.4_(Key).zip
    [0] Archive type: ZIP
    --> install.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4985fc25.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\WannaChat 0.50804.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497bfc17.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Wav_Split_Mp3_1.00_(Cracked).zip
    [0] Archive type: ZIP
    --> crac.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4983fc18.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\WeightWare_3.4.0_Crack.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4976fc1c.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Windows_Live_Messenger_Now_Playing_Plugin_0.23.zip
    [0] Archive type: ZIP
    --> serial.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497bfc20.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\WorshipLeader_4.8.2.zip
    [0] Archive type: ZIP
    --> install_patch.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '48e5fb1f.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Y!RabidStatter_2.1.zip
    [0] Archive type: ZIP
    --> install_crack.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '495ffbd9.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\Zinc 2.5.0.16.zip
    [0] Archive type: ZIP
    --> key_generator.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '497bfc21.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Avenger\m\shared\ZPC demo.zip
    [0] Archive type: ZIP
    --> crac.exe
    [DETECTION] Is the TR/Dldr.Bagle.ael Trojan
    [NOTE] A backup was created as '4950fc09.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Documents and Settings\ALEXANDRA\Incomplete\T-3545425-anne silvestre.mp3
    [DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
    [NOTE] A backup was created as '4940fbf0.qua' ( QUARANTINE )
    [NOTE] The file was deleted!
    H:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Ad-Aware QF 20081025 131042.aawqff
    [0] Archive type: HIDDEN
    --> FIL\\\?\H:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Ad-Aware QF 20081025 131042.aawqff
    [DETECTION] Is the TR/Bagle.Gen.B Trojan
    [NOTE] A backup was created as '493afcae.qua' ( QUARANTINE )
    [NOTE] The file was deleted!


    End of the scan: 2 novembre 2008 20:26
    Used time: 20:41 Minute(s)

    The scan has been done completely.

    2935 Scanning directories
    282359 Files were scanned
    129 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    111 files were deleted
    0 files were repaired
    121 files were moved to quarantine
    1 files were renamed
    1 Files cannot be scanned
    282229 Files not concerned
    1526 Archives were scanned
    9 Warnings
    125 Notes

    a b 8 Sécurité
    3 Novembre 2008 12:10:30

    Reposte un rapport Hijackthis.
    7 Novembre 2008 09:39:39

    Bonjour, voici le rapport demandé :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:36:14, on 2008-11-07
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    H:\WINDOWS\System32\smss.exe
    H:\WINDOWS\system32\winlogon.exe
    H:\WINDOWS\system32\services.exe
    H:\WINDOWS\system32\lsass.exe
    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\System32\svchost.exe
    H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    H:\WINDOWS\Explorer.EXE
    H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    H:\Program Files\Winamp\winampa.exe
    H:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    H:\WINDOWS\system32\ctfmon.exe
    H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    H:\Program Files\Winamp Remote\bin\OrbTray.exe
    H:\Program Files\Messenger\msmsgs.exe
    H:\WINDOWS\system32\spoolsv.exe
    H:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    H:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    H:\WINDOWS\System32\svchost.exe
    H:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    H:\WINDOWS\system32\nvsvc32.exe
    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\system32\wbem\wmiapsrv.exe
    H:\WINDOWS\system32\wuauclt.exe
    H:\Program Files\Windows Live\Messenger\usnsvc.exe
    H:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - H:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [avgnt] "H:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [EPSON Stylus Photo R285 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "H:\WINDOWS\TEMP\E_S97.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Orb] "H:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Winamp Search - H:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - H:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - H:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - H:\WINDOWS\System32\TuneUpDefragService.exe

    --
    End of file - 7441 bytes
    a b 8 Sécurité
    7 Novembre 2008 18:44:28

    Re,

    Fix la ligne dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    8 Novembre 2008 00:19:10

    Re,
    je l'ai fait
    voici le rapport après :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:15:43, on 2008-11-08
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    H:\WINDOWS\System32\smss.exe
    H:\WINDOWS\system32\winlogon.exe
    H:\WINDOWS\system32\services.exe
    H:\WINDOWS\system32\lsass.exe
    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\System32\svchost.exe
    H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    H:\WINDOWS\Explorer.EXE
    H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    H:\Program Files\Winamp\winampa.exe
    H:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    H:\WINDOWS\system32\ctfmon.exe
    H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    H:\Program Files\Winamp Remote\bin\OrbTray.exe
    H:\Program Files\Messenger\msmsgs.exe
    H:\WINDOWS\system32\spoolsv.exe
    H:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    H:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    H:\WINDOWS\System32\svchost.exe
    H:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    H:\WINDOWS\system32\nvsvc32.exe
    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\system32\wbem\wmiapsrv.exe
    H:\Program Files\Windows Live\Messenger\usnsvc.exe
    H:\Program Files\eMule\emule.exe
    H:\WINDOWS\System32\TuneUpDefragService.exe
    H:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - H:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - H:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [avgnt] "H:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [EPSON Stylus Photo R285 Series] H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKE.EXE /FU "H:\WINDOWS\TEMP\E_S97.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Orb] "H:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Winamp Search - H:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - H:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - H:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - H:\WINDOWS\System32\TuneUpDefragService.exe

    --
    End of file - 7357 bytes
    a b 8 Sécurité
    8 Novembre 2008 14:45:43

    Encore des soucis ?
    8 Novembre 2008 15:26:33

    NON JE NE PENSE PAS , J'ai seulement l'ordi qui plante q'en je veux jouer au jeu VERSAILLE;penses-tu qu'il y ait un lien?
    Pour l'antivirus faut-il que je mette automatiquement les virus en quarentaine ou que face DELATE?
    Merci

    a b 8 Sécurité
    8 Novembre 2008 18:19:22

    En quarantaine c'est bien. Pour moi, ton problème n'est pas lié à une infection.
        • 1 / 2
        • 2
        • Dernier
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS