Virus win32 dans la session d'admin

En plein opération avec OTMoveIt, m'est sortie une alerte Avast alors j'ai choisi "mettre en quarentaine", aprés, j'ai eu un rapport, le voilà:


========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\Program Files\Download Direct\DLD.exe not found.
C:\WINDOWS\system32\winxp.exe.vir moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersi­on\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersi­on\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion­\Run not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Fayna\LOCALS~1\Temp\~DF669F.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\VW2IANC5\8SACOCAGXPWRYCA3SG44SCA1YL3ONCA78TJCWCAX9YM68CA5QHB7QCAZ3RZG4CAQ4DPECCAZ9VLEWCAACTVRWCANHM5CVCAEAG3FJCACU613MCA1DWYKMCADLJA30CAZKDDAJCAQQE26ZCAC2FZGKCASBVAT6.htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\VTK4PT2Z\affich-12637477-virus-win32-dans-la-session-d-admin[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\S2MTOURO\12FGQCAF7NA56CAGLA8EDCACZVK0OCAY9S65MCAYJL8S3CALX88JHCAUOYFN5CAGFHGSTCA1AY2R5CABC2OF5CARE91BQCATR0XZXCAD32VXWCATPISDPCAV9QI1PCAUPY39NCA5N8ZL7CASLRU03CACOOWCE.htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\9ZJ1VWBO\HDPH8CAATXUUDCA1LINMHCATF0IB1CAS7L82OCACAQHU7CAKM2OI9CA0EDMT8CAFFO35GCAUMZ998CA5740IPCA3T9CRFCA45M3MVCAREMSKACAB3IUNHCAWO87YTCAV2WTH4CA82GLLKCAP9I3FDCAW6KUGF.htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\9ZJ1VWBO\topdepart[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_4f8.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_764.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05282009_165141

Files moved on Reboot...
C:\DOCUME~1\Fayna\LOCALS~1\Temp\~DF669F.tmp moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\VW2IANC5\8SACOCAGXPWRYCA3SG44SCA1YL3ONCA78TJCWCAX9YM68CA5QHB7QCAZ3RZG4CAQ4DPECCAZ9VLEWCAACTVRWCANHM5CVCAEAG3FJCACU613MCA1DWYKMCADLJA30CAZKDDAJCAQQE26ZCAC2FZGKCASBVAT6.htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\VTK4PT2Z\affich-12637477-virus-win32-dans-la-session-d-admin[2].htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\S2MTOURO\12FGQCAF7NA56CAGLA8EDCACZVK0OCAY9S65MCAYJL8S3CALX88JHCAUOYFN5CAGFHGSTCA1AY2R5CABC2OF5CARE91BQCATR0XZXCAD32VXWCATPISDPCAV9QI1PCAUPY39NCA5N8ZL7CASLRU03CACOOWCE.htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\9ZJ1VWBO\HDPH8CAATXUUDCA1LINMHCATF0IB1CAS7L82OCACAQHU7CAKM2OI9CA0EDMT8CAFFO35GCAUMZ998CA5740IPCA3T9CRFCA45M3MVCAREMSKACAB3IUNHCAWO87YTCAV2WTH4CA82GLLKCAP9I3FDCAW6KUGF.htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\9ZJ1VWBO\topdepart[1].htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_4f8.dat not found!
File C:\WINDOWS\temp\Perflib_Perfdata_764.dat not found!







Puis, j'ai refait l'opération et j'ai eu ce deuxième rapport :


========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\Program Files\Download Direct\DLD.exe not found.
File/Folder C:\WINDOWS\system32\winxp.exe.vir not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersi­on\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersi­on\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion­\Run not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Fayna\LOCALS~1\Temp\~DF8A13.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\YEWQKSIX\fr_msn_com[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\YEWQKSIX\Include[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\YEWQKSIX\OTMoveIt3[1].exe scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\N7FKXIRR\ads[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\N7FKXIRR\affich-12637477-virus-win32-dans-la-session-d-admin[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\N7FKXIRR\Sync[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\N7FKXIRR\topdepart[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\MC4N42IE\ads[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\3RDR7LTS\ads[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_4b0.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_760.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05282009_170130

Files moved on Reboot...
C:\DOCUME~1\Fayna\LOCALS~1\Temp\~DF8A13.tmp moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\YEWQKSIX\fr_msn_com[1].htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\YEWQKSIX\Include[1].htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\YEWQKSIX\OTMoveIt3[1].exe moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\N7FKXIRR\ads[1].htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\N7FKXIRR\affich-12637477-virus-win32-dans-la-session-d-admin[1].htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\N7FKXIRR\Sync[1].htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\N7FKXIRR\topdepart[1].htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\MC4N42IE\ads[2].htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\Content.IE5\3RDR7LTS\ads[2].htm moved successfully.
C:\Documents and Settings\Fayna\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_4b0.dat not found!
File C:\WINDOWS\temp\Perflib_Perfdata_760.dat not found!

Oui, 31 infections et il a supprimé une part, quant à l'autre mise en quarantaine, je l'ai supprimée moi-même.
Y a-t-il autre chose à faire; je pensais que le problème était résolu !?

à+