Beagle ( je crois)

############################## [ FindyKill V4.717 ]

# User : YVES (Utilisateurs) # FAMILLE
# Update on 17/02/09 by Chiquitine29
# Start at: 19:07:48 | 23/02/2009

# Intel(R) Pentium(R) 4 CPU 3.00GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # NTFS
# D:\ # Disque fixe local (grenier) # NTFS
# E:\ # Disque amovible
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque fixe local # NTFS
# J:\ # Disque CD-ROM

############################## [ Processus actifs ]

I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\csrss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\LEXBCES.EXE
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\system32\netdde.exe
I:\WINDOWS\system32\dllhost.exe
I:\WINDOWS\system32\imapi.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\alg.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\RTHDCPL.EXE
I:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
I:\Program Files\Java\jre6\bin\jusched.exe
I:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
I:\WINDOWS\system32\lexpps.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Documents and Settings\YVES\Application Data\m\flec006.exe
I:\WINDOWS\system32\wintems.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\WINDOWS\explorer.exe
I:\Program Files\Mozilla Firefox\firefox.exe
I:\Program Files\DAP\DAP.EXE
I:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Processus infectieux stoppés ]

"I:\Documents and Settings\YVES\Application Data\m\flec006.exe" (3516)
"I:\WINDOWS\system32\wintems.exe" (2604)

################## [ Fichiers / Dossiers infectieux I:\ ]


################## [ I:\WINDOWS ]


################## [ I:\WINDOWS\system32 ]

Found ! - I:\WINDOWS\system32\mdelk.exe
Found ! - I:\WINDOWS\system32\wintems.exe
Found ! - I:\WINDOWS\system32\ban_list.txt

################## [ I:\WINDOWS\system32\drivers ]

Found ! - "I:\WINDOWS\system32\drivers\down"

################## [ I:\.. Application Data ... ]

Found ! - "I:\Documents and Settings\YVES\Application Data\m\flec006.exe"
Found ! - "I:\Documents and Settings\YVES\Application Data\m\list.oct"
Found ! - "I:\Documents and Settings\YVES\Application Data\m\data.oct"
Found ! - "I:\Documents and Settings\YVES\Application Data\m\srvlist.oct"
Found ! - "I:\Documents and Settings\YVES\Application Data\m\shared"
Found ! - "I:\Documents and Settings\YVES\Application Data\m"
Found ! - "I:\Documents and Settings\YVES\Application Data\drivers"
Found ! - "I:\Documents and Settings\YVES\Application Data\drivers\wfsintwq.sys"
Found ! - "I:\Documents and Settings\YVES\Application Data\drivers\winupgro.exe"
Found ! - "I:\Documents and Settings\YVES\Application Data\drivers\downld"

################## [ Registre / Clés infectieuses ]

Found ! - HKEY_USERS\S-1-5-21-448539723-926492609-682003330-1003\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-448539723-926492609-682003330-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-448539723-926492609-682003330-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-448539723-926492609-682003330-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | drvsyskit
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | german.exe
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | mule_st_key

# Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
# Infection active : HKLM\SYSTEM\...\Services\sK9Ou0s -> Start = 0x1

################## [ Recherche dans supports amovibles]

# Presence des fichiers :


################## [ Registre / Mountpoint2 ]

# -> Not found !

################## [ ! Fin du rapport # FindyKill V4.717 ! ]


Que dois-je faire ensuite ?
PS: la , j'ai redémarré et le virus c'est provisoirement arrete.SOn revenu ect. Mais les antivirus sont toujours down.

Avast réinstallé , ca a l'air de marcher. Je peux lancer la recherche de crack de findykill ?