Eradicating TR/Crypt.XPACK.Gen [trojan]
TheRealNesus
Hello,
This thing (TR/Crypt.XPACK.Gen [trojan]) seems to have gotten into my machine, I don't know how, and is triggering a string of alerts from my antivirus (Avira Antivir Free). I tried to find it by following the path indicated by Antivir, but it seems to have made itself "invisible" [I changed the file display properties to check... Nowhere to be found!!!]. It has supposedly lodged itself in System 32 and is taking the liberty of making registry changes, because I'm starting to have a few problems (no more access to my printer, for example; antivirus update impossible; etc.)...
I went to look on Bleeping Computer but I find it a bit abstruse...
Is there anyone among you who knows how to go about eradicating TR/Crypt.XPACK.Gen [trojan]???
Thanks in advance.
Hi
I'm checking in to see whether I'm still in the running or whether I've been "left behind"...
I'm trying to catch my breath a bit ;)))
Can you run a new hijackthis log, please
+ 1 scan with Antivir, and paste the report
I'll be back as soon as I can.
See you
Hello ^^Marie^^ (**) (sic)
Yes, it's only natural that you rest, Esope too [If you don't get it, I'll tell you later]...
Thanks for still being here for (among others!!!) me...
So, for my part, I tried to be a bit more "talkative"... and I went to see what is going on on the Avira side. I also ran (as you'll see below) a second "scan" with the Anti-Rootkit tool.
I'm pasting all of that after the HiJackThis REPORT!
--------------------------------------------------------------------------
Here, ^^Marie^^, is a new HiJackThis REPORT
- Run right after the two Antivir "scans" [Normal (C:) and Anti-RootKit (C: & E:)]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:36, on 2008-12-30
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\SMINST\scheduler.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Soft4Ever\looknstop\looknstop.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
C:\Program Files\Exstora\Exstora.exe
C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe
C:\Program Files\BaroufaSoft\Matrix Screen Locker\matrix.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\WINDOWS\System32\notepad.exe
C:\Users\moi.PC-de-moi.000\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [Off4Fit] C:\Program Files\Smart PC Solutions\Off4Fit\Off4Fit.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Exstora] "C:\Program Files\Exstora\Exstora.exe"
O4 - HKCU\..\Run: [Ovulation Calendar Calculator] C:\Program Files\Ovulation Calendar Calculator\ovCalendar.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Ashampoo Magic Defrag.lnk = C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Matrix Screen Locker.lnk = C:\Program Files\BaroufaSoft\Matrix Screen Locker\matrix.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{318A4654-E274-49B2-B77D-03391D7AB077}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2223C1B-72E2-4D2C-A173-DC1B08F0B4F5}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O17 - HKLM\System\CS1\Services\Tcpip\..\{318A4654-E274-49B2-B77D-03391D7AB077}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
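Added example, not part of the original thread and not code from HijackThis or its vendor: a short Python triage pass over the HijackThis log format posted above, showing which coded lines a helper would pull out first. The sample lines are copied from that log; the function names and the four review heuristics are assumptions of this example, and a flagged line is something to verify, not a verdict.

```python
import ipaddress
import re
from typing import NamedTuple

# Sample input: a subset of lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{318A4654-E274-49B2-B77D-03391D7AB077}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe
"""

# A coded entry looks like "O17 - <body>"; the code is one letter plus 1-2 digits.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
IPV4_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")


class Finding(NamedTuple):
    code: str    # HijackThis section code, e.g. "O17"
    reason: str  # why a reviewer should look at this line
    line: str    # the original log line


def parse_entries(log_text):
    """Yield (code, body, raw_line) for each coded entry. The header and the
    running-process list carry no section code and are skipped."""
    for raw in log_text.splitlines():
        raw = raw.strip()
        m = ENTRY_RE.match(raw)
        if m:
            yield m.group("code"), m.group("body"), raw


def nameservers(body):
    """Return the IPv4 addresses of an O17 'NameServer = a,b' or 'a b' value."""
    if "NameServer" not in body or "=" not in body:
        return []
    ips = []
    for tok in IPV4_RE.findall(body.split("=", 1)[1]):
        try:
            ips.append(ipaddress.ip_address(tok))
        except ValueError:
            pass  # dotted number that is not a valid address
    return ips


def static_dns_servers(log_text):
    """Distinct DNS servers hard-set in the registry across all O17 lines."""
    seen = set()
    for code, body, _ in parse_entries(log_text):
        if code == "O17":
            seen.update(nameservers(body))
    return [str(ip) for ip in sorted(seen)]


def triage(log_text):
    """Apply the example's heuristics and return findings in log order."""
    findings = []
    for code, body, raw in parse_entries(log_text):
        if code in ("O2", "O3", "O9") and "(no file)" in body:
            findings.append(Finding(code, "registration points to a missing file", raw))
        elif code == "O17":
            public = [str(ip) for ip in nameservers(body) if not ip.is_private]
            if public:
                findings.append(Finding(
                    code, "static public DNS server(s): " + ", ".join(public), raw))
        elif code == "O20" and body.startswith("AppInit_DLLs:"):
            if body.split(":", 1)[1].strip():
                findings.append(Finding(code, "DLL listed in AppInit_DLLs", raw))
        elif code == "O23" and " - Unknown owner - " in body:
            findings.append(Finding(
                code, "service binary with no readable company name", raw))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.code}] {f.reason}\n      {f.line}")
    print("DNS servers to verify against the ISP/router:", static_dns_servers(SAMPLE_LOG))
```
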
Hello Lyonnais, and thank you
He's back tomorrow, so he'll be glad to see how the work has progressed when he returns ;))
Good evening,
Can you rerun an Antivir scan with the rootkit function enabled and post the report?
I think we've made progress. The first 2 files placed under drivers:: have disappeared from the Combofix report.
But since I don't see them, I want to check on the other 2.
I have my own idea following your remark about the "hidden" and partially badly installed driver.
The findings on your work computer are characteristic of an infection that hides itself by means of a rootkit.
Good evening Lyonnais92,
Here is the requested Antivir scan [Rootkit search enabled]
>>>
Avira AntiVir Personal
Report file date: mercredi 7 janvier 2009 00:53
Scanning for 1153470 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Boot mode: Normally booted
Username: moi
Computer name: PC-DE-MOI
Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.1.33 1705984 Bytes 24/12/2008 18:39:56
ANTIVIR2.VDF : 7.1.1.60 318976 Bytes 02/01/2009 18:40:00
ANTIVIR3.VDF : 7.1.1.74 158208 Bytes 06/01/2009 23:34:52
Engineversion : 8.2.0.45
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56
AESCRIPT.DLL : 8.1.1.19 336252 Bytes 11/12/2008 19:25:38
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 15:06:41
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 09:41:39
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 11/12/2008 19:25:35
AEHEUR.DLL : 8.1.0.75 1524087 Bytes 11/12/2008 19:25:34
AEHELP.DLL : 8.1.2.0 119159 Bytes 28/11/2008 21:08:12
AEGEN.DLL : 8.1.1.8 323956 Bytes 11/12/2008 19:25:28
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.5.2 172405 Bytes 28/11/2008 21:08:08
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\ProgramData\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 7 janvier 2009 00:53
Starting search for hidden objects.
'74940' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'HPHC_Service.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'HpqToaster.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'matrix.exe' - '1' Module(s) have been scanned
Scan process 'aDefragCtrl.exe' - '1' Module(s) have been scanned
Scan process 'Exstora.exe' - '1' Module(s) have been scanned
Scan process 'UIWatcher.exe' - '1' Module(s) have been scanned
Scan process 'LightScribeControlPanel.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'looknstop.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'QLBCTRL.exe' - '1' Module(s) have been scanned
Scan process 'WiFiMsg.exe' - '1' Module(s) have been scanned
Scan process 'HPWAMain.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'pthosttr.exe' - '1' Module(s) have been scanned
Scan process 'pdfsty.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'Scheduler.exe' - '1' Module(s) have been scanned
Scan process 'LMIGuardian.exe' - '1' Module(s) have been scanned
Scan process 'LogMeInSystray.exe' - '1' Module(s) have been scanned
Scan process 'asghost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'hpqWmiEx.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sqlwriter.exe' - '1' Module(s) have been scanned
Scan process 'sqlbrowser.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'pdfsvc.exe' - '1' Module(s) have been scanned
Scan process 'LMIGuardian.exe' - '1' Module(s) have been scanned
Scan process 'LogMeIn.exe' - '1' Module(s) have been scanned
Scan process 'ramaint.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'iviRegMgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'BcmSqlStartupSvc.exe' - '1' Module(s) have been scanned
Scan process 'aDefragService.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'agrsmsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'hpservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
83 processes with 83 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '60' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <HP_RECOVERY>
End of the scan: mercredi 7 janvier 2009 01:43
Used time: 50:09 Minute(s)
The scan has been done completely.
20477 Scanning directories
753810 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
753809 Files not concerned
6630 Archives were scanned
1 Warnings
0 Notes
74940 Objects were scanned with rootkit scan
0 Hidden objects were found
>>>> _____________________________________________________
Personally, when I look at this I feel like I'm trying to read coffee grounds!
Hats off if you can see anything in it.
Hello,
this report, for once, is fairly simple.
We'll go through it in detail, because it's better to understand it.
=================
Avira AntiVir Personal
Report file date: mercredi 7 janvier 2009 00:53 <-- date and time
Scanning for 1153470 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista <-- OS
Windows version: (plain) [6.0.6000] <-- OS version
Boot mode: Normally booted <-- started in normal mode
Username: moi <-- session (or account) name
Computer name: PC-DE-MOI <-- name of the PC on the local network
Version information: <-- version information for AntiVir's files
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.1.33 1705984 Bytes 24/12/2008 18:39:56
ANTIVIR2.VDF : 7.1.1.60 318976 Bytes 02/01/2009 18:40:00
ANTIVIR3.VDF : 7.1.1.74 158208 Bytes 06/01/2009 23:34:52
Engineversion : 8.2.0.45
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56
AESCRIPT.DLL : 8.1.1.19 336252 Bytes 11/12/2008 19:25:38
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 15:06:41
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 09:41:39
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 11/12/2008 19:25:35
AEHEUR.DLL : 8.1.0.75 1524087 Bytes 11/12/2008 19:25:34
AEHELP.DLL : 8.1.2.0 119159 Bytes 28/11/2008 21:08:12
AEGEN.DLL : 8.1.1.8 323956 Bytes 11/12/2008 19:25:28
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.5.2 172405 Bytes 28/11/2008 21:08:08
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan: <-- scan settings
Jobname..........................: Manual Selection
Configuration file...............: C:\ProgramData\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive <-- it asks what to do when a virus is found
Secondary action.................: ignore
Scan master boot sector..........: on <-- scan of the master boot sector; the alternative option is off
Scan boot sector.................: on <-- scan of the boot sector
Boot sectors.....................: C:, D:, <-- scan of the partitions
Process scan.....................: on <-- scan of the processes loaded in memory
Scan registry....................: on <-- scan of the registry
Search for rootkits..............: on <-- search for rootkits
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on <-- heuristic analysis is enabled
File heuristic...................: medium <-- the heuristic is set to medium
These are the right settings.
Start of the scan: mercredi 7 janvier 2009 00:53
Starting search for hidden objects.
'74940' objects were checked, '0' hidden objects were found.
Results of the various scans:
The scan of running processes will be started <-- scan of the processes loaded in memory, the ones you find under the Processes tab of Task Manager
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'HPHC_Service.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'HpqToaster.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'matrix.exe' - '1' Module(s) have been scanned
Scan process 'aDefragCtrl.exe' - '1' Module(s) have been scanned
Scan process 'Exstora.exe' - '1' Module(s) have been scanned
Scan process 'UIWatcher.exe' - '1' Module(s) have been scanned
Scan process 'LightScribeControlPanel.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'looknstop.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'QLBCTRL.exe' - '1' Module(s) have been scanned
Scan process 'WiFiMsg.exe' - '1' Module(s) have been scanned
Scan process 'HPWAMain.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'pthosttr.exe' - '1' Module(s) have been scanned
Scan process 'pdfsty.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'Scheduler.exe' - '1' Module(s) have been scanned
Scan process 'LMIGuardian.exe' - '1' Module(s) have been scanned
Scan process 'LogMeInSystray.exe' - '1' Module(s) have been scanned
Scan process 'asghost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'hpqWmiEx.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sqlwriter.exe' - '1' Module(s) have been scanned
Scan process 'sqlbrowser.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'pdfsvc.exe' - '1' Module(s) have been scanned
Scan process 'LMIGuardian.exe' - '1' Module(s) have been scanned
Scan process 'LogMeIn.exe' - '1' Module(s) have been scanned
Scan process 'ramaint.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'iviRegMgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'BcmSqlStartupSvc.exe' - '1' Module(s) have been scanned
Scan process 'aDefragService.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'agrsmsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'hpservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
83 processes with 83 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '60' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <HP_RECOVERY>
End of the scan: mercredi 7 janvier 2009 01:43
Used time: 50:09 Minute(s)
The scan has been done completely.
Scan statistics:
20477 Scanning directories
753810 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
753809 Files not concerned
6630 Archives were scanned
1 Warnings
0 Notes
74940 Objects were scanned with rootkit scan
0 Hidden objects were found
================
Apart from that, how is the computer doing?
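A triage helper for the report format walked through in the post above, as an added example (not part of the original post and not Avira's code): it pulls the settings, tagged warnings, per-process module counts and summary counters out of a report and separates real findings from expected noise. The sample is abridged from the log in this thread; the function names, the regular expressions and the `LOCKED_BY_OS` list are assumptions based on that one report.

```python
import re

# Constructed sample: abridged from the report quoted in this thread.
SAMPLE_REPORT = r"""Avira AntiVir Personal
Report file date: mercredi 7 janvier 2009 00:53
Boot mode: Normally booted
Configuration settings for the scan:
Primary action...................: interactive
Scan master boot sector..........: on
Scan boot sector.................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
File heuristic...................: medium
'74940' objects were checked, '0' hidden objects were found.
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Master boot sector HD0
[INFO] No virus was found!
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <HP_RECOVERY>
The scan has been done completely.
753810 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
1 Files cannot be scanned
1 Warnings
0 Hidden objects were found
"""

# Patterns inferred from that one report (assumptions, not an Avira specification).
SETTING_RE = re.compile(r"^([A-Za-z][A-Za-z ]*?)\.{3,}: ?(.*)$")
PROCESS_RE = re.compile(r"^Scan process '([^']+)' - '(\d+)' Module")
TAG_RE = re.compile(r"^\[([A-Z]+)\] (.*)$")
COUNTER_RE = re.compile(r"^(\d+) ([A-Za-z].*?):?$")

# Files Windows holds open exclusively while running; a failed open is expected.
LOCKED_BY_OS = {"pagefile.sys", "hiberfil.sys"}
REQUIRED_ON = ("Scan master boot sector", "Scan boot sector", "Process scan",
               "Scan registry", "Search for rootkits")


def parse_report(text):
    """Split a report into settings, counters, process results and tagged events."""
    report = {"settings": {}, "counters": {}, "processes": [],
              "events": [], "complete": False}
    previous = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := SETTING_RE.match(line)):
            report["settings"][m[1].strip()] = m[2].strip()
        elif (m := PROCESS_RE.match(line)):
            report["processes"].append((m[1], int(m[2])))
        elif (m := TAG_RE.match(line)):
            # A tagged line describes the object named on the line before it.
            report["events"].append((m[1], previous, m[2]))
        elif (m := COUNTER_RE.match(line)):
            report["counters"][m[2].strip().lower()] = int(m[1])
        elif line == "The scan has been done completely.":
            report["complete"] = True
        previous = line
    return report


def triage(report):
    """Return findings that need attention and notes that are expected noise."""
    findings, notes = [], []
    settings, counters = report["settings"], report["counters"]
    if not report["complete"]:
        findings.append("scan did not run to completion")
    for key in REQUIRED_ON:
        if settings.get(key, "").lower() != "on":
            findings.append(f"coverage gap: '{key}' is not on")
    for label in ("viruses and/or unwanted programs were found",
                  "files were classified as suspicious",
                  "hidden objects were found"):
        if counters.get(label, 0) > 0:
            findings.append(f"{counters[label]} {label}")
    for tag, target, message in report["events"]:
        if tag != "WARNING":
            continue
        name = target.rsplit("\\", 1)[-1].lower()
        if name in LOCKED_BY_OS:
            notes.append(f"{target}: locked by Windows, expected ({message})")
        else:
            findings.append(f"not scanned: {target} ({message})")
    for name, modules in report["processes"]:
        if modules == 0:
            notes.append(f"process {name}: no module could be scanned")
    return {"findings": findings, "notes": notes}


if __name__ == "__main__":
    result = triage(parse_report(SAMPLE_REPORT))
    for kind in ("findings", "notes"):
        for entry in result[kind]:
            print(f"{kind[:-1]}: {entry}")
```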
I see that I'm sending some not-so-great stuff. I'll pull myself together. It seems that in the end I'm managing to get the AIK by going through Clubic (download in progress); as soon as that's done, I'll burn it and get started.
Thank you for your infinite patience... see you in a few minutes _TRN_
Hi, I'm back. With a question: the file I downloaded was in an archive that I unpacked onto my desktop...
It isn't a "disk image" as stated in the tutorial but an application folder that itself contains files and folders... Should I burn it? If so, in what form? (Should I simply burn that folder to a CD? Or is there a step to carry out before burning - should I install it on my hard drive - C:\ ?)
Thanks _TRN_
>>> Here it is:
ComboFix 08-12-28.04 - moi 2008-12-29 20:15:39.1 - NTFSx86
Microsoft® Windows Vista™ Professionnel 6.0.6000.0.1252.1.1036.18.3063.1781 [GMT 1:00]
Lancé depuis: C:\Users\moi.PC-de-moi.000\Desktop\ComboFix.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\system32\tmp.reg
C:\Windows\system32\x64
D:\Autorun.inf
D:\resycled
D:\resycled\boot.com
E:\Autorun.inf
E:\resycled
E:\resycled\boot.com
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-28 au 2008-12-29 ))))))))))))))))))))))))))))))))))))
.
2008-12-29 20:13 . 2008-12-29 20:14 <REP> d-------- C:\32788R22FWJFW
2008-12-29 17:01 . 2000-08-11 12:10 73,728 --------- C:\WINDOWS\System32\hpoidr07.dll
2008-12-29 17:01 . 2000-08-11 12:11 61,440 --------- C:\WINDOWS\System32\hpoinw07.exe
2008-12-29 12:17 . 2008-12-29 12:17 <REP> d-------- C:\rsit
2008-12-28 20:27 . 2008-12-28 20:27 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\Malwarebytes
2008-12-28 20:27 . 2008-12-28 20:27 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-12-28 20:27 . 2008-12-28 20:27 <REP> d-------- C:\ProgramData\Malwarebytes
2008-12-28 20:27 . 2008-12-28 20:27 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-28 20:27 . 2008-12-03 19:52 38,496 --a------ C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2008-12-28 20:27 . 2008-12-03 19:52 15,504 --a------ C:\WINDOWS\System32\drivers\mbam.sys
2008-12-28 19:40 . 2008-12-28 19:40 691 --a------ C:\Users\moi.PC-de-moi.000\AppData\Roaming\GetValue.vbs
2008-12-28 19:40 . 2008-12-28 19:40 35 --a------ C:\Users\moi.PC-de-moi.000\AppData\Roaming\SetValue.bat
2008-12-25 11:13 . 2008-12-25 11:13 0 --a------ C:\ARK705E.tmp
2008-12-25 11:00 . 2008-12-25 11:00 0 --a------ C:\ARK4440.tmp
2008-12-25 10:49 . 2008-12-25 10:49 0 --a------ C:\ARK8289.tmp
2008-12-22 00:18 . 2008-12-22 00:18 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\GlarySoft
2008-12-19 03:04 . 2008-12-29 12:17 <REP> d-------- C:\Program Files\Trend Micro
2008-12-18 21:26 . 2008-12-18 21:26 81 --a------ C:\WINDOWS\wininit.ini
2008-12-18 20:36 . 2008-12-22 02:57 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-12-18 20:36 . 2008-12-22 02:57 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-12-18 16:10 . 2008-12-18 16:10 <REP> d-------- C:\Users\moi.PC-de-moi.000\Nouveau dossier
2008-12-17 10:29 . 2008-12-09 03:10 176 --a------ C:\WINDOWS\eower.vbs
2008-12-17 10:29 . 2008-12-09 03:18 45 --a------ C:\WINDOWS\sys.bat
2008-12-17 10:28 . 2008-12-17 10:28 <REP> d-------- C:\WINDOWS\HDTVXviD Codec
2008-12-17 10:28 . 2008-12-17 10:28 <REP> d-------- C:\Program Files\Setup
2008-12-17 10:28 . 2008-12-17 10:28 <REP> d-------- C:\Program Files\HDTVXviD Codec
2008-12-17 10:28 . 2008-12-17 10:28 <REP> d-------- C:\Program Files\extravideo
2008-12-17 00:23 . 2008-12-17 00:23 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-12-17 00:10 . 2008-12-17 00:09 410,976 --a------ C:\WINDOWS\System32\deploytk.dll
2008-12-16 17:04 . 2008-12-16 17:04 <REP> d-------- C:\Program Files\Bonjour
2008-12-16 15:59 . 2008-12-16 15:59 <REP> d----c--- C:\WINDOWS\System32\DRVSTORE
2008-12-16 15:59 . 2008-12-16 19:26 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\Apple Computer
2008-12-16 15:59 . 2008-12-16 15:59 <REP> d-------- C:\Users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-16 15:59 . 2008-12-16 15:59 <REP> d-------- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-16 15:59 . 2008-12-16 15:59 <REP> d-------- C:\Program Files\iTunes
2008-12-16 15:59 . 2008-12-16 15:59 <REP> d-------- C:\Program Files\iPod
2008-12-16 15:59 . 2008-04-17 13:12 107,368 --a------ C:\WINDOWS\System32\GEARAspi.dll
2008-12-16 15:59 . 2008-04-17 13:12 15,464 --a------ C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
2008-12-16 15:57 . 2008-12-16 15:58 <REP> d-------- C:\Program Files\QuickTime
2008-12-16 15:47 . 2008-12-16 15:47 <REP> d-------- C:\Program Files\Safari
2008-12-16 15:44 . 2008-12-16 15:59 <REP> d-------- C:\Users\All Users\Apple Computer
2008-12-16 15:44 . 2008-12-16 15:59 <REP> d-------- C:\ProgramData\Apple Computer
2008-12-16 15:44 . 2008-12-16 15:59 <REP> d-------- C:\Program Files\Common Files\Apple
2008-12-16 15:39 . 2008-12-16 15:39 <REP> d-------- C:\Users\All Users\Apple
2008-12-16 15:39 . 2008-12-16 15:39 <REP> d-------- C:\ProgramData\Apple
2008-12-16 15:39 . 2008-12-16 15:39 <REP> d-------- C:\Program Files\Apple Software Update
2008-12-16 11:08 . 2008-12-16 11:08 <REP> d-------- C:\Users\All Users\Messenger Plus!
2008-12-16 11:08 . 2008-12-16 11:08 <REP> d-------- C:\ProgramData\Messenger Plus!
2008-12-15 20:22 . 2008-12-15 20:22 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-12-13 14:42 . 2008-12-13 14:42 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\Exstora
2008-12-12 11:18 . 2008-12-12 11:18 87,336 --a------ C:\WINDOWS\System32\dns-sd.exe
2008-12-12 11:11 . 2008-12-12 11:11 61,440 --a------ C:\WINDOWS\System32\dnssd.dll
2008-12-11 15:00 . 2008-12-20 13:41 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\dvdcss
2008-12-11 13:49 . 2008-12-11 13:49 <REP> d-------- C:\Program Files\BaroufaSoft
2008-12-10 21:22 . 2008-12-10 21:22 297,472 --a------ C:\WINDOWS\System32\gdi32.dll
2008-12-10 21:21 . 2008-12-10 21:21 4,247,552 --a------ C:\WINDOWS\System32\GameUXLegacyGDFs.dll
2008-12-10 21:21 . 2008-12-10 21:21 1,687,040 --a------ C:\WINDOWS\System32\gameux.dll
2008-12-10 21:21 . 2008-12-10 21:21 28,672 --a------ C:\WINDOWS\System32\Apphlpdm.dll
2008-12-10 21:20 . 2008-12-10 21:20 2,048 --a------ C:\WINDOWS\System32\tzres.dll
2008-12-10 21:18 . 2008-12-10 21:18 2,923,520 --a------ C:\WINDOWS\explorer.exe
2008-12-10 21:18 . 2008-12-10 21:18 1,383,424 --a------ C:\WINDOWS\System32\mshtml.tlb
2008-12-10 21:18 . 2008-12-10 21:18 826,368 --a------ C:\WINDOWS\System32\wininet.dll
2008-12-10 21:17 . 2008-12-10 21:17 1,831,424 --a------ C:\WINDOWS\System32\inetcpl.cpl
2008-12-10 21:17 . 2008-12-10 21:17 56,320 --a------ C:\WINDOWS\System32\iesetup.dll
2008-12-10 21:17 . 2008-12-10 21:17 26,624 --a------ C:\WINDOWS\System32\ieUnatt.exe
2008-12-10 21:16 . 2008-12-10 21:16 2,855,424 --a------ C:\WINDOWS\System32\mf.dll
2008-12-10 21:16 . 2008-12-10 21:16 996,352 --a------ C:\WINDOWS\System32\WMNetMgr.dll
2008-12-10 21:16 . 2008-12-10 21:16 98,816 --a------ C:\WINDOWS\System32\mfps.dll
2008-12-10 21:16 . 2008-12-10 21:16 94,720 --a------ C:\WINDOWS\System32\logagent.exe
2008-12-10 21:16 . 2008-12-10 21:16 52,736 --a------ C:\WINDOWS\System32\rrinstaller.exe
2008-12-10 21:16 . 2008-12-10 21:16 24,576 --a------ C:\WINDOWS\System32\mfpmp.exe
2008-12-10 21:16 . 2008-12-10 21:16 2,048 --a------ C:\WINDOWS\System32\mferror.dll
2008-12-10 15:59 . 2008-12-10 15:59 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\Ashampoo
2008-12-10 06:21 . 2008-12-10 06:21 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\Media Player Classic
2008-12-09 11:28 . 2008-12-09 11:28 <REP> d-------- C:\Users\All Users\Adobe
2008-12-09 11:28 . 2008-12-09 11:28 <REP> d-------- C:\Program Files\Common Files\Adobe
2008-12-09 11:19 . 2008-12-09 11:19 <REP> d-------- C:\Program Files\Sony
2008-12-09 11:19 . 2008-12-09 11:19 <REP> d-------- C:\Program Files\Common Files\Sony Shared
2008-12-09 11:10 . 2008-12-09 11:10 <REP> d-------- C:\Users\All Users\BVRP Software
2008-12-09 11:10 . 2008-12-09 11:10 <REP> d-------- C:\ProgramData\BVRP Software
2008-12-09 11:10 . 2008-12-09 11:10 <REP> d-------- C:\Program Files\Avanquest update
2008-12-09 10:58 . 2008-12-09 11:19 <REP> d-------- C:\Program Files\Sony Ericsson
2008-12-09 10:22 . 2008-12-09 10:22 265,595 --a------ C:\WINDOWS\runner.exe
2008-12-06 09:24 . 2008-12-06 09:24 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\Talkback
2008-12-06 09:23 . 2008-12-06 09:24 <REP> d-------- C:\Program Files\Mozilla Sunbird
2008-12-03 17:52 . 2008-12-03 17:52 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\Bullzip
2008-12-02 19:59 . 2008-12-02 19:59 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\OpenOffice.org
2008-12-01 11:15 . 2008-12-29 20:20 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\uTorrent
2008-12-01 11:15 . 2008-12-01 11:19 <REP> d-------- C:\Program Files\uTorrent
2008-12-01 09:06 . 2008-12-02 00:49 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\vlc
2008-11-30 03:04 . 2008-11-30 03:04 268,800 --a------ C:\WINDOWS\System32\es.dll
2008-11-30 03:01 . 2008-11-30 03:01 <REP> d-------- C:\WINDOWS\SQL9_KB948109_ENU
2008-11-30 00:42 . 2008-11-30 00:42 <REP> d-------- C:\Program Files\Smart PC Solutions
2008-11-29 22:55 . 2008-11-29 22:55 <REP> d-------- C:\Program Files\Amic Games
2008-11-29 22:47 . 2008-11-29 22:47 <REP> d-------- C:\Users\moi.PC-de-moi.000\AppData\Roaming\SampleView
2008-11-29 19:58 . 2008-11-29 19:58 <REP> d-------- C:\Program Files\Sidebar-Widgets
2008-11-29 19:21 . 2008-11-29 19:42 <REP> d-------- C:\Program Files\HFXP2
2008-11-29 19:03 . 2008-11-29 19:03 <REP> d-------- C:\Uninstall
2008-11-29 18:48 . 2008-11-29 18:48 76,160 --a------ C:\WINDOWS\System32\drivers\lnsfw1.sys
2008-11-29 18:48 . 2008-11-29 18:48 46,208 --a------ C:\WINDOWS\System32\drivers\lnsfw.sys
2008-11-29 18:48 . 2008-11-29 18:48 36,924 --a------ C:\WINDOWS\System32\fwapi.dll
2008-11-29 18:36 . 2008-11-29 18:36 16 --a------ C:\WINDOWS\System32\coh.cache
2008-11-29 17:52 . 2008-10-30 22:15 227,840 --a------ C:\WINDOWS\System32\bzFlRdr.dll
2008-11-29 17:52 . 2008-09-05 05:29 193,024 --a------ C:\WINDOWS\System32\bzpdf.dll
2008-11-29 17:52 . 2008-09-26 19:44 126,976 --a------ C:\WINDOWS\System32\bzpdfc.dll
2008-11-29 17:52 . 2008-07-09 23:19 103,424 --a------ C:\WINDOWS\System32\bzDCT.dll
2008-11-29 05:23 . 2008-11-29 05:23 <REP> d-------- C:\Users\moi.PC-de-moi\Pictures
2008-11-29 05:23 . 2008-11-29 05:23 <REP> d-------- C:\Users\moi.PC-de-moi\Music
2008-11-29 05:23 . 2008-11-29 05:23 <REP> d-------- C:\Users\moi.PC-de-moi\Downloads
2008-11-29 05:23 . 2008-12-02 14:49 <REP> d-------- C:\Users\moi.PC-de-moi\Documents
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\Users\Moi\Videos
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\Users\Moi\Pictures
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\Users\Moi\Music
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\Users\Moi\Downloads
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\Users\Moi\Documents
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\Users\Moi\AppData
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\Users\Moi
2008-11-29 05:22 . 2008-12-09 10:58 <REP> d-------- C:\Users\All Users\Sony Ericsson
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\Users\All Users\NCH Swift Sound
2008-11-29 05:22 . 2008-11-28 21:00 <REP> d-------- C:\Users\All Users\Google
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\Users\All Users\Ashampoo
2008-11-29 05:22 . 2008-12-09 10:58 <REP> d-------- C:\ProgramData\Sony Ericsson
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\ProgramData\NCH Swift Sound
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\ProgramData\Ashampoo
2008-11-29 05:22 . 2008-11-29 05:22 <REP> d-------- C:\Program Files\Zone Labs
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-29 16:37 --------- d-----w C:\Program Files\Hewlett-Packard
2008-12-16 23:09 --------- d-----w C:\Program Files\Java
2008-12-10 20:28 174 --sha-w C:\Program Files\desktop.ini
2008-12-10 20:25 --------- d-----w C:\Program Files\Windows Mail
2008-12-10 20:24 --------- d-----w C:\ProgramData\Microsoft Help
2008-12-10 20:21 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-12-10 20:21 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-12-10 20:21 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-12-10 20:21 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-12-10 20:21 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-12-10 20:21 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-12-09 10:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-11-30 10:13 --------- d-----w C:\Program Files\Mozilla Firefox 3.1 Beta 1
2008-11-30 02:02 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-11-29 17:42 --------- d-----w C:\ProgramData\Symantec
2008-11-29 17:42 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-11-29 11:00 --------- d-----w C:\Program Files\Windows Calendar
2008-11-29 10:59 --------- d-----w C:\Program Files\Windows Sidebar
2008-11-29 04:21 --------- d-----w C:\Program Files\Crésus 3.1
2008-11-28 22:14 95,232 ----a-w C:\Windows\System32\PortableDeviceClassExtension.dll
2008-11-28 22:14 241,152 ----a-w C:\Windows\System32\PortableDeviceApi.dll
2008-11-28 22:14 160,768 ----a-w C:\Windows\System32\PortableDeviceTypes.dll
2008-11-28 22:13 87,040 ----a-w C:\Windows\System32\msoert2.dll
2008-11-28 22:13 39,424 ----a-w C:\Windows\System32\ACCTRES.dll
2008-11-28 22:13 205,824 ----a-w C:\Windows\System32\msoeacct.dll
2008-11-28 22:11 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-11-28 22:11 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-11-28 22:07 41,984 ----a-w C:\Windows\system32\drivers\monitor.sys
2008-11-28 22:07 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-11-28 22:05 211,456 ----a-w C:\Windows\system32\drivers\mrxsmb10.sys
2008-11-28 22:03 374,456 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-11-28 22:02 303,616 ----a-w C:\Windows\System32\wmpeffects.dll
2008-11-28 22:02 2,027,520 ----a-w C:\Windows\System32\win32k.sys
2008-11-28 22:01 2,048 ----a-w C:\Windows\System32\msxml3r.dll
2008-11-28 22:01 1,194,496 ----a-w C:\Windows\System32\msxml3.dll
2008-11-28 21:53 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-11-28 21:52 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-11-28 21:52 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-11-28 21:52 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-11-28 21:52 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-11-28 21:52 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-11-28 21:52 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-11-28 21:50 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-11-28 21:50 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-11-28 21:50 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-11-28 21:50 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-11-28 21:50 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-11-28 21:47 9,845,248 ----a-w C:\Windows\System32\NlsData000a.dll
2008-11-28 21:47 797,696 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-11-28 21:47 6,917,120 ----a-w C:\Windows\System32\NlsLexicons0c1a.dll
2008-11-28 21:47 4,493,312 ----a-w C:\Windows\System32\NlsData0816.dll
2008-11-28 21:47 4,493,312 ----a-w C:\Windows\System32\NlsData0416.dll
2008-11-28 21:47 4,493,312 ----a-w C:\Windows\System32\NlsData0414.dll
2008-11-28 21:47 2,641,408 ----a-w C:\Windows\System32\NlsData000c.dll
2008-11-28 21:47 2,340,864 ----a-w C:\Windows\System32\NlsData000d.dll
2008-11-28 21:47 1,963,520 ----a-w C:\Windows\System32\NlsData0c1a.dll
2008-11-28 21:47 1,963,520 ----a-w C:\Windows\System32\NlsData081a.dll
2008-11-28 21:47 1,963,520 ----a-w C:\Windows\System32\NlsData000f.dll
2008-11-28 21:44 1,585,664 ----a-w C:\Windows\System32\setupapi.dll
2008-11-28 21:41 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2008-11-28 21:41 290,304 ----a-w C:\Windows\system32\drivers\srv.sys
2008-11-28 21:41 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2008-11-28 21:41 2,048 ----a-w C:\Windows\System32\asferror.dll
2008-11-28 21:40 --------- d-----w C:\Program Files\Windows Live
2008-11-28 21:39 712,192 ----a-w C:\Windows\System32\WindowsCodecs.dll
2008-11-28 21:39 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
2008-11-28 21:39 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll
2008-11-28 21:39 425,472 ----a-w C:\Windows\System32\PhotoMetadataHandler.dll
2008-11-28 21:39 39,936 ----a-w C:\Windows\System32\slcinst.dll
2008-11-28 21:39 351,232 ----a-w C:\Windows\System32\SLUI.exe
2008-11-28 21:39 33,280 ----a-w C:\Windows\System32\slwmi.dll
2008-11-28 21:39 268,288 ----a-w C:\Windows\System32\mcbuilder.exe
2008-11-28 21:39 223,232 ----a-w C:\Windows\System32\SLC.dll
2008-11-28 21:39 2,605,568 ----a-w C:\Windows\System32\SLsvc.exe
2008-11-28 21:39 186,368 ----a-w C:\Windows\System32\SLLUA.exe
2008-11-28 21:38 347,136 ----a-w C:\Windows\System32\WindowsCodecsExt.dll
2008-11-28 21:35 83,968 ----a-w C:\Windows\System32\dnsrslvr.dll
2008-11-28 21:35 24,576 ----a-w C:\Windows\System32\dnscacheugc.exe
2008-11-28 21:35 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-11-28 21:35 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-11-28 21:35 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-11-28 21:27 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
2008-11-28 21:27 84,480 ----a-w C:\Windows\System32\INETRES.dll
2008-11-28 21:27 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
2008-11-28 21:27 737,792 ----a-w C:\Windows\System32\inetcomm.dll
2008-11-28 21:27 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
2008-11-28 21:27 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
2008-11-28 21:27 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
2008-11-28 21:26 5,120 ----a-w C:\Windows\System32\wmi.dll
2008-11-28 21:26 152,576 ----a-w C:\Windows\System32\imagehlp.dll
2008-11-28 21:26 12,800 ----a-w C:\Windows\system32\drivers\fs_rec.sys
2008-11-28 21:26 1,645,568 ----a-w C:\Windows\System32\connect.dll
2008-11-28 21:26 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-11-28 21:25 99,840 ----a-w C:\Windows\System32\poqexec.exe
2008-11-28 21:25 --------- d-----w C:\Program Files\MSXML 4.0
2008-11-28 21:24 3,505,208 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-11-28 21:24 3,470,904 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-11-28 21:24 2,048 ----a-w C:\Windows\System32\msxml6r.dll
2008-11-28 21:24 1,341,440 ----a-w C:\Windows\System32\msxml6.dll
2008-11-28 21:21 750,080 ----a-w C:\Windows\System32\qmgr.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-11-28 22:35 1232896]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 12:26 484904]
"UIWatcher"="C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe" [2008-04-22 08:47 3508568]
"Off4Fit"="C:\Program Files\Smart PC Solutions\Off4Fit\Off4Fit.exe" [2008-07-22 14:16 539648]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2008-12-01 11:15 270128]
"Exstora"="C:\Program Files\Exstora\Exstora.exe" [2008-07-04 09:22 248832]
"Ovulation Calendar Calculator"="C:\Program Files\Ovulation Calendar Calculator\ovCalendar.exe" [2008-07-05 23:10 6191616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-10-17 15:55 1097728]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-05-11 17:40 138008]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-05-11 17:40 154392]
"PDF Complete"="C:\Program Files\PDF Complete\pdfsty.exe" [2007-05-08 07:38 331552]
"PTHOSTTR"="C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 14:52 145184]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 14:36 827392]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-05-11 12:21 472632]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 15:12 317128]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 10:54 50696]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-05-02 15:17 163840]
"CognizanceTS"="C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 18:12 17920]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 13:28 266497]
"Look 'n' Stop"="C:\Program Files\Soft4Ever\looknstop\looknstop.exe" [2008-11-29 18:48 376900]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 11:45 63712]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-11-20 13:20 290088]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 14:16 111936]
"WatchDog"="C:\Program Files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 11:00 192512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"="C:\Windows\SMINST\launcher.exe" [2007-03-09 15:24 44168]
C:\Users\moi.PC-de-moi.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 17:49:52 384000]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Ashampoo Magic Defrag.lnk - C:\Program Files\Ashampoo\Ashampoo Magic Defrag\bin\aDefragCtrl.exe [2008-04-05 18:38:45 4104293]
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-05-04 00:11:28 192512]
Matrix Screen Locker.lnk - C:\Program Files\BaroufaSoft\Matrix Screen Locker\matrix.exe [2006-01-29 19:02:24 539136]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg
All these procedures are well and good...
Now my burning software no longer works [it seems that the various deletions made by the different tools used are causing collateral damage!]
...To sum up: for the moment I find that my problems... have rather gotten worse (well, yes).
...And still these "alerts" from Antivir! I'm going to end up believing it's a "hoax"!!!
(sic - I'm joking, I have to let off a little steam)
My initial problem = intact, plus a series of additional problems. What should I make of it???
Should I stay in front of my computer, or is there a "truce" on your side (which I would find perfectly normal, by the way) that suggests I come back later?
Sorry to put it that way; I don't have a very clear picture of what goes on behind the scenes and, obviously, I don't realize what is happening as seen from your side...
I know very well that I am not the only one battling this "Trojan" TR/Crypt.XPack.Gen.
A few words for the interlude (...) would help me wait... _THANK YOU_ TheRealNesus.