

carad'oc
Bagle eradicated ??? (solved)
carad'oc replied to carad'oc's topic in Malware analysis and eradication
dear Falkra, ... many thanks for your valuable, responsive and relevant help .... PS: I had renamed combofix to tralala on the desktop ... so I run tralala /u, right? )
Bagle eradicated ??? (solved)
carad'oc replied to carad'oc's topic in Malware analysis and eradication
no, no more symptoms ...
Bagle eradicated ??? (solved)
carad'oc replied to carad'oc's topic in Malware analysis and eradication
well .. for AntiVir, I went and got the database from the Avira site for a manual update --> solved so far!
Bagle eradicated ??? (solved)
carad'oc replied to carad'oc's topic in Malware analysis and eradication
hello Falkra, one more word about what is happening with AntiVir, which gives me a warning saying that the update is more than 3 days old, but when I click "update", the update seems to be applied ONLY to the program and not to the virus database. As a result, the icon on the "update" line stays a red triangle in the AntiVir console, and looking at the details I see that the virus database version dates from June 2008. What's up doc? ... reminding you that when AntiVir was installed, my Win Defender disappeared ... you know, the one that sends me a notification on every registry change
Bagle eradicated ??? (solved)
carad'oc replied to carad'oc's topic in Malware analysis and eradication
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:59:03, on 20/11/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal
Bagle eradicated ??? (solved)
carad'oc replied to carad'oc's topic in Malware analysis and eradication
do you want me to redo it with the new version?
Bagle eradicated ??? (solved)
carad'oc replied to carad'oc's topic in Malware analysis and eradication
Logfile of HijackThis v1.99.1 Scan saved at 23:31:29, on 20/11/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Bagle eradicated ??? (solved)
carad'oc replied to carad'oc's topic in Malware analysis and eradication
except that even though I did the update, the update icon stays red ...
Bagle eradicated ??? (solved)
carad'oc replied to carad'oc's topic in Malware analysis and eradication
I had anticipated a bit .... here is the log
Avira AntiVir Personal Report file date: jeudi 20 novembre 2008 21:46
C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222604.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4d9d062e.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222605.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4957dea6.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222607.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4d9d062f.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222608.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4957deb8.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222610.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4957dea7.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222615.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4d9d0620.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222620.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4957dea9.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222621.exe [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm [NOTE] The file was moved to '4957dea8.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222630.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4d9d0622.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222633.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4957deab.qua'! 
C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222636.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4957deaa.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222643.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4d9d0623.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222644.exe [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm [NOTE] The file was moved to '4d9d0624.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222645.exe [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm [NOTE] The file was moved to '4957dead.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222651.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4957deac.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222652.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4d9d0625.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP850\A0222653.exe [DETECTION] Is the TR/Bagle.Gen.B Trojan [NOTE] The file was moved to '4d9d0626.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP853\A0224383.exe [DETECTION] Is the TR/Crypt.PEPM.Gen Trojan [NOTE] The file was moved to '4957ded8.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP854\A0225490.com [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan [NOTE] The file was moved to '4957dee3.qua'! C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP854\A0225493.exe [DETECTION] Is the TR/Agent.231424.A Trojan [NOTE] The file was moved to '4d9d066c.qua'! 
C:\System Volume Information\_restore{4BAB21B4-BDA1-4B55-B0DD-AE80210EE96A}\RP854\A0225494.exe [DETECTION] Is the TR/Agent.231424.A Trojan [NOTE] The file was moved to '4957dee5.qua'! End of the scan: jeudi 20 novembre 2008 23:21 Used time: 1:34:41 Hour(s) The scan has been done completely. 14984 Scanning directories 500534 Files were scanned 63 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 63 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 500470 Files not concerned 4018 Archives were scanned 5 Warnings 63 Notes -
Bagle eradicated ??? (solved)
carad'oc replied to a topic by carad'oc in Malware analysis and eradication
Installing Antivir got rid of Win Defender .... weird ... and also when I open the task manager I no longer have the 3 tabs like before ... maybe I need to update Windows again, no?
Bagle eradicated ??? (solved)
carad'oc replied to a topic by carad'oc in Malware analysis and eradication
hello Falkra, ... did you see the 1st MBAM log?
Bagle eradicated ??? (solved)
carad'oc replied to a topic by carad'oc in Malware analysis and eradication
It's done, I now have Antivir ... I didn't want to stay without protection for too long ....
Bagle eradicated ??? (solved)
carad'oc replied to a topic by carad'oc in Malware analysis and eradication
Hi again, great guru! Here is the previous report:

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1412
Windows 5.1.2600 Service Pack 3

19/11/2008 19:48:56
mbam-log-2008-11-19 (19-48-56).txt

Type de recherche: Examen rapide
Eléments examinés: 64674
Temps écoulé: 5 minute(s), 46 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbjv32 (Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\winbjv32.dll (Dialer) -> Quarantined and deleted successfully.
Bagle eradicated ??? (solved)
carad'oc replied to a topic by carad'oc in Malware analysis and eradication
Can I download Antivir as soon as I get home ...?? or should I wait for your green light ???
Bagle eradicated ??? (solved)
carad'oc replied to a topic by carad'oc in Malware analysis and eradication
Hi Falkra, sleep well?? I had run a "quick" MBAM scan (on system files) and that's the one that found a few things: I'll send you the report late this afternoon (I'm at work right now!!) The "empty" report I sent you is the most recent one, a full scan of C, done before the last CF. While I'm at it, what do you think of AntiVir as an AV to replace AVAST? Thanks again for your help